CVE-2007-0789

Affected software: Mambo before 4.5.5. Vulnerable component: cancel edit functions (via id parameter). Issue: SQL injection that allows remote attackers to execute arbitrary SQL commands. Impact: potential data compromise via arbitrary queries. Remediation: upgrade to Mambo 4.5.5 or later; as a t...