Project: Joomla! SubProject: All Severity: Low Versions: 1.5.21 and all previous 1.5 releases Exploit type: SQL Injection - Information Disclosure Reported Date: 2010-October-05 Fixed Date: 2010-November-04 Description Inadequate filtering of request variables causes database errors. Affected Installs All 1.5.x installs prior to and including 1.5.21 are affected. Solution Upgrade to the latest Joomla! version (1.5.22 or later) Reported by YGN … [Read more...]
[20100704] – Core – XSS Vulnerabillitis in Back End
July 15, 2010 By
Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-1 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by oCERT. Contact The JSST at … [Read more...]
[20100703] – Core – XSS Vulnerabillitis in Back End
July 15, 2010 By
Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-8 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by José Antonio Vázquez … [Read more...]
[20100702] – Core – XSS Vulnerabillitis in Back End
July 15, 2010 By
Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-8 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by José Antonio Vázquez … [Read more...]
[20100701] – Core – SQL Injection / Internal Path Exposure
July 15, 2010 By
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.18 and all previous 1.5 releases Exploit type: Internal Path Exposure Reported Date: 2010-June-10 Fixed Date: 2010-July-15 Description Back-end user can create MySQL error which shows internal path information in the error message. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or … [Read more...]
[20100501] – Core – XSS Vulnerabilities in Back End
May 28, 2010 By
Project: Joomla! SubProject: All Severity: High Versions: 1.5.17 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-May-13 Fixed Date: 2010-May-28 Description Back-end user can inject javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.17 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by Riyaz … [Read more...]
[20100423] – Core – Negative Values for Limit and Offset
April 23, 2010 By
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.5.15 and all previous 1.5 releases Exploit type: information Disclosure Reported Date: 2010-Feb-21 Fixed Date: 2010-Apr-23 Description If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system. Affected Installs All 1.5.x installs prior to and including 1.5.15 are affected. Solution Upgrade to the … [Read more...]
[20100423] – Core – Installer Migration Script
April 23, 2010 By
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.15 and all previous 1.5 releases Exploit type: Code upload Reported Date: 2009-Dec-30 Fixed Date: 2010-Apr-23 Description The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server. Affected Installs All 1.5.x installs prior to and including … [Read more...]
[20100423] – Core – Sessation Fixation
April 23, 2010 By
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.5.15 and all previous 1.5 releases Exploit type: Session fixation Reported Date: 2010-Mar-25 Fixed Date: 2010-Apr-23 Description Session id doesn't get modified when user logs in. A remote site may be able to forward a visitor to the Joomla! site and set a specific cookie. If the user then logs in, the remote site can use that cookie to authenticate as that … [Read more...]
[20100423] – Core – Password Reset Tokens
April 23, 2010 By
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.15 and all previous 1.5 releases Exploit type: Unauthorised Access Reported Date: 2010-Jan-07 Fixed Date: 2010-Apr-23 Description When a user requests a password reset, the reset tokens were stored in plain text in the database. While this is not a vulnerability in itself, it allows user accounts to be compromised if there is an extension on the site with an SQL injection … [Read more...]
Recent Comments