Yesterday evening a large security hole was discovered in Mambo. Abusing global variables a possible attacker can get admin access to your website and to your database. The hole is present in all versions of Mambo, the old 4.5 version and the actual version 4.5.1.

More background information at [mamboportal.com...]