Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mambo_cms | Mambo-foundation | 4.6.5 (including) | 4.6.5 (including) |