Mambo Communities in cooperation with SiteGround web hosting launches Free Mambo Templates!

This section adds valuable resources which can be used by all Mambo lovers and the best part? It's all FREE! Currently the Mambo templates section offers 4 categories - General, IT Business, Real Estate, e-Commerce for a total of 24 free templates. More templates and categories will be constantly added on the section so keep checking in on us.

Team Mambo has released a new flavor of Mambo -- the Raw Core installation. This installation is for everyone who wants a Mambo with a smaller footprint; for those who don't want sample data, a WYSIWYG editor, and a bunch of components and modules you may not use.

The Raw Core is currently available for download and feedback. We've only released 4.6 RC2 in this format for now. If the feedback supports continuing down this path, the Team will move forward with developing this idea.

Version 4.6 is nearing production release and brings with it a number of notable enhancements and refinements. The team has spent countless hours revamping the core, fixing bugs, increasing security, and adding features.

Version 4.6 is currently in the public consultation phase of RC2. The production release will occur in August of this year. 

Dr.Jr7 has discovered a vulnerability in the Mambatstaff component for Mambo, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "mosConfig_absolute_path" parameter in components/com_mambatstaff/mambatstaff.php is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been confirmed in version 3.0. Other versions may also be affected.

Click here for more details.