Security News
[20120201] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.0 and 1.7.0 - 1.7.4
- Exploit type: Information Disclosure
- Reported Date: 2012-January-29
- Fixed Date: 2012-February-02
Description
Inadequate validation leads to information disclosure in administrator.
Affected Installs
Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions
Solution
Upgrade to version 1.7.5 or 2.5.1 or higher
Reported by Jakub Galczyk
Contact
The JSST at the Joomla! Security Center.
[20120202] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 1.7.4 and all earlier 1.7.x versions
- Exploit type: Information Disclosure
- Reported Date: 2012-January-06
- Fixed Date: 2012-February-02
Description
On some servers the error log could be read by unauthorised users.
Affected Installs
Joomla! version 1.7.4 and all earlier 1.7.x versions
Solution
Upgrade to version 2.5.1 or 1.7.5 or higher
Reported by Alain Rivest
Contact
The JSST at the Joomla! Security Center.
[20120101] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
- Exploit type: Information Disclosure
- Reported Date: 2012-January-07
- Fixed Date: 2012-January-24
Description
Inadequate filtering leads to information disclosure.
Affected Installs
Joomla! version 1.7.3 and all earlier versions
Solution
Upgrade to version 1.7.4 or 2.5.0 or higher
Reported by Cyrille Barthelemy
Contact
The JSST at the Joomla! Security Center.
[20120203] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.0 and 1.7.0 - 1.7.4
- Exploit type: Information Disclosure
- Reported Date: 2012-January-29
- Fixed Date: 2012-February-02
Description
Inadequate validation leads to path disclosure in administrator.
Affected Installs
Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions
Solution
Upgrade to version 2.5.1 or 1.7.5 or higher
Reported by Jakub Galczyk
Contact
The JSST at the Joomla! Security Center.
[20120102] - Core - XSS Vulnerability
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
- Exploit type: XSS Vulnerability
- Reported Date: 2011-November-16
- Fixed Date: 2012-January-24
Description
Inadequate filtering leads to XSS vulnerability.
Affected Installs
Joomla! version 1.7.3 and all earlier versions
Solution
Upgrade to version 1.7.4 or 2.5.0 or higher
Reported by Ankita Kapadia
Contact
The JSST at the Joomla! Security Center.
More Articles...
- [20120103] - Core - Information Disclosure
- [20120104] - Core - XSS Vulnerability
- [20111102] - Core - Password Change
- [20111103] - Core - Password Change
- [20111101] - Core - XSS Vulnerability
- [20111001] - Core - Information Disclosure
- [20111002] - Core - Information Disclosure
- [20111003] - Core - Information Disclosure
- [20110903] - Core - Information Disclosure
- [20110901] - Core - XSS Vulnerability
