JoomlaConnect | Joomla! Community Portal

Description

On some servers the error log could be read by unauthorised users.

Affected Installs

Joomla! version 1.7.4 and all earlier 1.7.x versions

Solution

Upgrade to version 2.5.1 or 1.7.5 or...

Keep reading about: [20120202] - Core - Information Disclosure...

[20120203] - Core - Information Disclosure

1. Your Name
2. Reason

Posted on: Wednesday, 01 February 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.0 and 1.7.0 - 1.7.4
Exploit type: Information Disclosure
Reported Date: 2012-January-29
Fixed Date: 2012-February-02

Description

Inadequate validation leads to path disclosure in administrator.

Affected Installs

Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

Solution

Upgrade to version 2.5.1 or 1.7.5 or...

Keep reading about: [20120203] - Core - Information Disclosure...

[20120201] - Core - Information Disclosure

1. Your Name
2. Reason

Posted on: Wednesday, 01 February 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.0 and 1.7.0 - 1.7.4
Exploit type: Information Disclosure
Reported Date: 2012-January-29
Fixed Date: 2012-February-02

Description

Inadequate validation leads to information disclosure in administrator.

Affected Installs

Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

Solution

Upgrade to version 1.7.5 or 2.5.1 or...

Keep reading about: [20120201] - Core - Information Disclosure...

[20120102] - Core - XSS Vulnerability

1. Your Name
2. Reason

Posted on: Monday, 23 January 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 1.7.3 and all earlier versions
Exploit type: XSS Vulnerability
Reported Date: 2011-November-16
Fixed Date: 2012-January-24

Description

Inadequate filtering leads to XSS vulnerability.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by Ankita...

Keep reading about: [20120102] - Core - XSS Vulnerability...

[20120103] - Core - Information Disclosure

1. Your Name
2. Reason

Posted on: Monday, 23 January 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Low
Versions: 1.7.3 and all earlier versions
Exploit type: Information Disclosure
Reported Date: 2011-December-19
Fixed Date: 2012-January-24

Description

Inadequate filtering leads to information disclosure.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by Jean-Marie...

Keep reading about: [20120103] - Core - Information Disclosure...

[20120104] - Core - XSS Vulnerability

1. Your Name
2. Reason

Posted on: Monday, 23 January 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 1.7.3 and all earlier versions
Exploit type: XSS Vulnerability
Reported Date: 2012-January-22
Fixed Date: 2012-January-24

Description

Inadequate filtering leads to XSS vulnerability.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by David...

Keep reading about: [20120104] - Core - XSS Vulnerability...

[20120101] - Core - Information Disclosure

1. Your Name
2. Reason

Posted on: Monday, 23 January 2012
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: Low
Versions: 1.7.3 and all earlier versions
Exploit type: Information Disclosure
Reported Date: 2012-January-07
Fixed Date: 2012-January-24

Description

Inadequate filtering leads to information disclosure.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by Cyrille...

Keep reading about: [20120101] - Core - Information Disclosure...

Joomla Discussions Component

1. Your Name
2. Reason

Posted on: Wednesday, 18 January 2012
Feed: VEL Direct
Other posts filed in: Security

sqli	180112

Keep reading about: Joomla Discussions Component...

HD Video Share

1. Your Name
2. Reason

Posted on: Wednesday, 18 January 2012
Feed: VEL Direct
Other posts filed in: Security

sqli	180112

Keep reading about: HD Video Share...

[20111102] - Core - Password Change

1. Your Name
2. Reason

Posted on: Monday, 14 November 2011
Feed: JSST News Feed
Other posts filed in: Security

Project: Joomla!
SubProject: All
Severity: High
Versions: 1.7.2 and all 1.6.x versions
Exploit type: Password Change
Reported Date: 2011-October-28
Fixed Date: 2011-November-14

Description

Weak random number generation during password reset leads to possibility of changing a user's password.

Affected Installs

Joomla! version 1.7.2 and all earlier 1.7.x and 1.6.x versions

Solution

Upgrade to...

Keep reading about: [20111102] - Core - Password Change...

«StartPrev12345678910Next End»

Welcome to Joomla!

Recent Joomla! News

Support Joomla!

What Is Joomla?

Joomla! for Business

Joomla! for Developers

Learn more about Joomla!

Connect!

Support!

Read!

Get involved with Joomla!

Directories

Developers

Download Joomla! 2.5

Download Joomla! 1.5

Getting Started with Joomla!

Internationalization

The Joomla! Community Portal ™

JoomlaConnect™ - Security English

Recent Posts

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Description

Affected Installs

Solution

Languages

Categories

Recently Updated Feeds

Get the Book!

JoomlaConnect^™ - Security English