- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: CMS
- Severity: High
- Versions: 3.1.0 through 3.2.2
- Exploit type: SQL Injection
- Reported Date: 2014-February-06
- Fixed Date: 2014-March-06
- CVE Number: Pending
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! CMS versions 3.1.0 through 3.2.2
Solution
Upgrade to version 3.2.3
Contact
The JSST at the Joomla! Security Center....
Read more https://feeds.joomla.org/~r/JoomlaSecurityNews/~3/xcttKR2_t_4/578-20140301-core-sql-injection.html
- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
- Exploit type: XSS Vulnerability
- Reported Date: 2013-October-25
- Fixed Date: 2013-November-06
- CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center....
Read more https://feeds.joomla.org/~r/JoomlaSecurityNews/~3/phTlsssMGkk/570-core-xss-20131101.html
- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
- Exploit type: XSS Vulnerability
- Reported Date: 2013-October-26
- Fixed Date: 2013-November-06
- CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center....
Read more https://feeds.joomla.org/~r/JoomlaSecurityNews/~3/tizP5jKBHbI/572-core-xss-20131103.html
- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 2.5.14 and earlier 2.5.x versions. 3.1.5 and earlier 3.x versions.
- Exploit type: XSS Vulnerability
- Reported Date: 2013-October-06
- Fixed Date: 2013-November-06
- CVE Number:
Description
Inadequate filtering leads to XSS vulnerability in com_contact, com_weblinks, com_newsfeeds.
Affected Installs
Joomla! version 2.5.14 and earlier 2.5.x versions; and version 3.1.5 and earlier 3.0.x versions.
Solution
Upgrade to version 2.5.15, 3.1.6 or 3.2.
Contact
The JSST at the Joomla! Security Center....
Read more https://feeds.joomla.org/~r/JoomlaSecurityNews/~3/GOUbBeWpb5Y/571-core-xss-20131102.html
- Details
- Category: Security Announcements
- Project: Joomla!
- SubProject: All
- Severity: Critical
- Versions: 2.5.13 and earlier 2.5.x versions. 3.1.4 and earlier 3.0.x versions.
- Exploit type: Unauthorised Uploads
- Reported Date: 2013-June-25
- Fixed Date: 2013-July-31
- CVE Number: Pending
Description
Inadequate filtering leads to the ability to bypass file type upload restrictions.
Affected Installs
Joomla!
...