Joomla! Developer Network

There is always a great deal of Joomla! development activity underway and communicating with other developers in the community is essential. This site is a resource for anyone looking to build or maintain software based on the Joomla platform

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 1.5.15 and all previous 1.5 releases
  • Exploit type: Code upload
  • Reported Date: 2009-Dec-30
  • Fixed Date: 2010-Apr-23

Description

The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server.

Affected Installs

All 1.5.x installs prior to and including 1.5.15 are affected.

Solution

Upgrade to the latest Joomla! version (1.5.16 or later)

Reported by Nicola Bettini

Contact

The JSST at the Joomla! Security Center.

Following are the meeting notes from the Production Leadership Team meeting held on Monday 01/06/2015 and Tuesday 02/06/2015.

Meeting Details

Team Members: Jessica, Javier, Chris, Robert, Viktor, Roland, George, Marco, Tessa (N.B. Tessa was sent to JAB on a CLT budget to attend JED meetings - she attended for ~1 hour on both days).

Apologies: Tom, Thomas


Meeting Notes from JAB PLT Summit 2015

Join us for a Bug Squashing event at the upcoming Joomla! Day Minnesota at the Mall of America on Sunday, July 19th, the day after the conference! Don’t forget to book an extra day on your trip if you plan on attending.

If you have never worked with code before, no worries at all! We will show you how to test and work with bug patches and how the process works! Our goal is to work through the issue tracker and get through as much as possible! If you have experience working with code, that’s just as great! We can show you the process of creating patches and adding it to our tracker.


Bugs, Bugs, Bugs! JDayMN15

The Joomla! Production Leadership Team is pleased to announce a new Release Leader for the Joomla! 3.5 release. Roberto Segura, the former Release Leader decided to step down due to family and work commitments, preventing him to dedicate time to the release.

As a result Roland Dalmulder has taken up the position of the “3.5 Release Leader” and will be assisted by George Wilson, both of the Production Leadership Team. Roland, as leader of the Joomla! Bug Squad, has great experience on working with Joomla! Contributors.


Joomla 3.5 Update

The Joomla! Bug Squad (JBS) is pleased to announce the addition of the new Bug Squad Co-Leader. We welcome Tobias Zulauf to the team.

Leading the JBS is a big task. The group is large and there are many tasks at hand. Combine this with a position in the Production Leadership Team (PLT), you will soon see that there are not enough hours in a day for one person. We needed to find help for Roland Dalmulder - PLT member and current JBS lead.


Our New Bug Squad Co-Leader

As was announced earlier this year, the Joomla! project is actively working toward shutting down JoomlaCode.org. In addition to assisting existing users with migrating data, we have also been busy managing our own data as well and would like to provide this update on our progress.


JoomlaCode Shutdown Update

Joomla! CMS

Current Release 

View known Issues

Development Status

Nightly CMS builds for developers are available for download

Joomla! Framework

Joomla! Reading

Joomla! Programming

Joomla! Programming

Mark Dexter & Louis Landry
Joomla! Templates

Joomla! Templates

Angie Radtke