- Core - Negative Values for Limit and Offset
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 1.5.15 and all previous 1.5 releases
- Exploit type: information Disclosure
- Reported Date: 2010-Feb-21
- Fixed Date: 2010-Apr-23
If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system.
All 1.5.x installs prior to and including 1.5.15 are affected.
Upgrade to the latest Joomla! version (1.5.16 or later)
Reported by Security List
The JSST at the Joomla! Security Center.