- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 1.5.25 and all earlier 1.5.x versions
- Exploit type: Password Change
- Reported Date: 2012-March-8
- Fixed Date: 2012-March-27
Description
Insufficient randomness leads to password reset vulnerability.
Affected Installs
Joomla! versions 1.5.25 and all earlier 1.5.x versions
Solution
Upgrade to version
...- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.5
- Exploit type: SQL Injection
- Reported Date: 2012-February-29
- Fixed Date: 2012-March-05
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
Solution
Upgrade to version
...