There is always a great deal of Joomla! development activity underway and communicating with other developers in the community is essential. This site is a resource for anyone looking to build or maintain software based on the Joomla platform

  • Project: Joomla!
  • SubProject: plg_xstandard
  • Severity: High
  • Versions: 1.5.8 and all previous 1.5 releases
  • Exploit type: Directory Traversal
  • Reported Date: 2009-January-7
  • Fixed Date: 2009-January-9

Description

A crafted request can cause disclosure of the directory structure on the server (including any directory that php has access to).

Affected Installs

All 1.5.x installs prior to and including 1.5.8 are affected.

Solution

Upgrade to latest Joomla! version (1.5.9 or newer).

Contact

The JSST at the Joomla! Security Centre.

The Joomla UX team is conducting research to improve future versions of Joomla and we want your feedback! The goal of this survey is to gather user feedback regarding the recent Joomla 3.5 release. The feedback we receive will shape the direction of our process and our future research efforts.

This survey is fairly short and simple, it should take around 5 to 10 minutes to complete. The more feedback we get the more we can help our users - including you!. Please share this survey with your local Joomla communities, JUG groups, and spread the word on social media.

Take the Joomla 3.5 survey now!


Joomla 3.5: We Want Your Feedback

After feedback from the community the PLT agreed at their meeting on Sunday 1st May 2016 to release the improvements to the Joomla Update Component, containing a reinstall button and reinstating the ability to update Joomla via file upload, as soon as possible.

With our versioning policy (available at https://developer.joomla.org/news/586-joomla-development-strategy.html) this means that we must make a minor release. As a result rather than making a 3.5.2 release we will instead make a 3.6.0 release.

The features that originally were planned to ship with 3.6 (for example the refactored routing system and the custom fields component) will now be made in a 3.7 release. The timescale for the 3.7 release will be roughly unchanged and will still be led by Chris Davenport.

The full PLT minutes for this meeting will be published very soon in the usual reports section on the volunteer portal and will contain the planned release dates for 3.6.


Version Number Shifting

The Joomla UX team is conducting research to improve future versions of Joomla and we want your feedback!

The goal of this survey is to provide a general overview of Joomla users and usage. The feedback we receive will shape the direction of our process and our future research efforts. The survey is very short and simple, it should only take a minute or two of your time. The more feedback we get the more we can help our users. Please share this survey with your local Joomla communities and spread the word.

Take the survey now!


The Joomla! UX Team wants your feedback

The Joomla User Experience (JUX) Team is looking for volunteers to contribute to the JUX Team efforts. The primary goal of the JUX is to continually improve the overall Joomla User Experience across all areas of the platform.


Call For Volunteers - Joomla! UX Team

The Joomla! Production Leadership Team (PLT) is pleased to announce we are looking for members to fill particular roles. We currently have a volunteer position open for a PLT Secretary.


Call For Joomla! Production Leadership Team Nominations - Secretary