The Joomla! Community Portal ™

JoomlaConnect

JoomlaConnect - Security English

(View All Languages)

Recent Posts

myJoomla Service Connector

  • Report this


The myJoomla.com service connector had a minor information disclosure vulnerability, only effective in limited circumstances and hardly exploitable.

Keep reading about: myJoomla Service Connector...
 

Joomla Multicalendar, 5.3.2 and previous versions,

  • Report this


Joomla Multicalendar, 5.3.2 and previous versions, XSS (Cross Site Scripting)

UpdateNoticeURL
http://www.joomlacalendars.com/faq/multi-view-calendar-for-joomla#q39

Keep reading about: Joomla Multicalendar, 5.3.2 and previous versions,...
 

JChatSocial, 2.2 and lower

  • Report this


JChatSocial, 2.2 and lower, XSS (Cross Site Scripting)

Keep reading about: JChatSocial, 2.2 and lower...
 

Watchful Client (watchful.li extension), 1.9.0 and lower

  • Report this


Extension was not preventing execution of files outside of the framework, and therefore enabling potential unwanted information disclosure and other attacks using weak hash key implementation.

Update to version 1.9.1 : https://watchful.li/news/watchful-1-9-1-released.html

Keep reading about: Watchful Client (watchful.li extension), 1.9.0 and lower...
 

kunena 3.0.5 XSS and SQL Injection

  • Report this


kunena 3.0.5 XSS and SQL Injection

Update notice

Keep reading about: kunena 3.0.5 XSS and SQL Injection...
 

youtube gallery, 4.1.7,

  • Report this


youtube gallery, 4.1.7, SQL Injection

Extension Update Details

4.1.9

UpdateNoticeURL
http://www.joomlaboat.com/youtube-gallery

Keep reading about: youtube gallery, 4.1.7,...
 

K2 Content Extension, 2.6.8,

  • Report this


K2 Content Extension, 2.6.8, XSS (Cross Site Scripting)

Keep reading about: K2 Content Extension, 2.6.8,...
 

K2 Content Extension, 2.6.8,

  • Report this


K2 Content Extension, 2.6.8, XSS (Cross Site Scripting)

Keep reading about: K2 Content Extension, 2.6.8,...
 

JW player, 5.10.22 xss

  • Report this


JW player, 5.10.2295, XSS (Cross Site Scripting)

Update notice url:http://www.joomlaworks.net/forum/extension-updates/14896-june-3rd,-2014-allvideos-v4-6-0

 

Keep reading about: JW player, 5.10.22 xss...
 

Joomlaworks allvideos

  • Report this


Joomlaworks allvideos plugin version 4.5.0 and previous XSS (cross-site scripting)

 

Extension Update Details
The new 4.6.0 version released replaces the XSS affected JW Player v5 with the newest v6.


UpdateNoticeURL
http://www.joomlaworks.net/forum/extension-updates/14896-june-3rd,-2014-allvideos-v4-6-0

Keep reading about: Joomlaworks allvideos...
 


To get your feed included in JoomlaConnect, see our page on getting connected.