The Joomla! Community Portal ™

JoomlaConnect

JoomlaConnect - Security English

(View All Languages)

Recent Posts

Admin Exile 2.3.5

  • Report this


Admin Exile version 2.3.5 SQL injection

Update notice url http://www.richeyweb.com/development/joomla-plugins/71-adminexile-for-joomla-16

 

Keep reading about: Admin Exile 2.3.5...
 

MijoShop, 2.4.x - 2.5.x,

  • Report this


MijoShop, 2.4.x - 2.5.x, SQL Injection

Keep reading about: MijoShop, 2.4.x - 2.5.x,...
 

MijoShop, 2.4.x - 2.5.x,

  • Report this


MijoShop, 2.4.x - 2.5.x, SQL Injection

Extension Update Details 2.5.2

UpdateNoticeURL http://miwisoft.com/blog/mijoshop-252-security-update-released

Keep reading about: MijoShop, 2.4.x - 2.5.x,...
 

creative contact form 2.0.0 and bedore

  • Report this


update to 2.0.1 with immdediate effect . developer creative-solutions.net should be contacted for more information. Dev has not contacted the vel team on this issue.

Keep reading about: creative contact form 2.0.0 and bedore...
 

MijoSEF pre 1.5

  • Report this


From developers site SQL injection vulnerability
all questions to the developer @Miwisoft who has not informed us of this vulnerability.

Keep reading about: MijoSEF pre 1.5...
 

Akeeba CMS Update

  • Report this


Extension Update Details

Akeeba CMS Update 1.0.2


Update Notice URL
https://www.akeebabackup.com/home/news/1605-security-update-sep-2014.html

Keep reading about: Akeeba CMS Update...
 

Akeeba Backup

  • Report this


Extension Update Details

Akeeba Backup 4.0.4


UpdateNoticeURL
https://www.akeebabackup.com/home/news/1605-security-update-sep-2014.html

Keep reading about: Akeeba Backup...
 

[20140904] - Core - Denial of Service

  • Report this


  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 2.5.4 through 2.5.25, 3.2.5 and earlier 3.x versions, 3.3.0 through 3.3.4
  • Exploit type: Denial of Service
  • Reported Date: 2014-September-24
  • Fixed Date: 2014-September-30
  • CVE Number: CVE-2014-7229

Description

Inadequate checking allowed the potential for a denial of service attack.

Affected Installs

Joomla! CMS versions 2.5.4 through...

Keep reading about: [20140904] - Core - Denial of Service...
 

[20140903] - Core - Remote File Inclusion

  • Report this


  • Project: Joomla!
  • SubProject: CMS
  • Severity: Moderate
  • Versions: 2.5.4 through 2.5.25, 3.2.5 and earlier 3.x versions, 3.3.0 through 3.3.4
  • Exploit type: Remote File Inclusion
  • Reported Date: 2014-September-24
  • Fixed Date: 2014-September-30
  • CVE Number: CVE-2014-7228

Description

Inadequate checking allowed the potential for remote files to be executed.

Affected Installs

Joomla! CMS versions 2.5.4...

Keep reading about: [20140903] - Core - Remote File Inclusion...
 

Hika Shop

  • Report this


HikaShop 2.3.2 and below also Hika Market 1.4.3 and below

Remote code execution

Note that developer did not inform the VEL

Keep reading about: Hika Shop...
 


To get your feed included in JoomlaConnect, see our page on getting connected.