Cimke Archívum ◊ joomla tárhely ◊

Júliusi Joomla biztonsági hibák
2010, július 28, szerda  | Szerző:

E hónapban a megszokottnál kevesebb Joomla biztonsági hiba került napvilágra, a következők ezek:

2010.07.22.-2010.07.28.

  • Joomla Frei-Chat Component One Script Insertion Vulnerability
  • Joomla! IT Armory Component Multiple SQL Injection Vulnerabilities
  • Joomla! TTVideo Component “cid” SQL Injection Vulnerability
  • Joomla! Appointinator Component “aid” SQL Injection Vulnerability
  • Joomla Component (com_joomla-visites) Remote File inclusion Vulnerability
  • Joomla Component (com_youtube) SQL Injection Vulnerability
  • Joomla Component (com_joomdle) SQL Injection Vulnerability
  • Joomla Component (com_huruhelpdesk) SQL Injection Vulnerability
  • Joomla Component (com_golfcourseguide) SQL Injection Vulnerability

2010.07.15.-2010.07.21.

  • Joomla Cross-Site Scripting and SQL Injection Vulnerabilities – 1.5.20-as rendszerek mindegyikét érintő biztonsági hiba
  • Joomla redSHOP Component “keyword” SQL Injection Vulnerability
  • Joomla Tárhely Component (com_staticxt) SQL Injection Vulnerability
  • Joomla Component (com_spa) SQL Injection Vulnerability
Májusi Joomla biztonsági hibák
2010, május 31, hétfő  | Szerző:

Ez úton közöljük az összegyűjtött májusi Joomla biztonsági hibákat, a már megszokott méretekkel rendelkezik:

2010.05.28.-2010.05.31.

  • Joomla Medi-QnA Component “controller” File Inclusion Vulnerability
  • Joomla “search” Cross-Site Scripting Vulnerability Input passed to the “search” parameter in administrator/index.php (when “option” is set to “com_users”, “com_trash”, “com_content”, “com_sections”, “com_categories”, “com_frontpage”, “com_messages”, “com_banners”, “com_contact”, “com_menus” when “task” is set to “view”, “com_newsfeeds”, “com_poll”, “com_weblinks”, “com_modules”, or “com_plugins”) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
  • Joomla BF Quiz Component “catid” SQL Injection Vulnerability
  • Joomla My Car Component Two Vulnerabilities
  • Joomla com_quran SQL Injection vulnerability
  • Joomla Component com_g2bridge LFI vulnerability

2010.05.19.-2010.05.27.

  • Joomla Percha Multicategory Article Component “controller” File Inclusion
  • Joomla com_qpersonel SQL Injection Remote Exploit

2010.05.13.-2010.05.18.

  • Joomla Component FDione Form Wizard lfi vulnerability
  • Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability
  • Joomla Component advertising (com_aardvertiser) V2.0 Local File Inclusion Vulnerability
  • Joomla Component com_konsultasi (sid) SQL Injection Vulnerability
  • Joomla Component com_jequoteform – Local File Inclusion
  • Joomla Component JE Job Local File Inclusion Vulnerability
  • Joomla Component com_camp SQL Injection Vulnerability
  • Joomla Component MS Comment LFI Vulnerability
  • Joomla Component simpledownload LFI Vulnerability
  • Joomla Tárhely Component com_event another sql injection Vulnerability
  • Joomla Component com_event Multiple Vulnerabilities
  • Joomla Component com_crowdsource SQL Injection
  • Joomla Component com_packages SQL Injection Vulnerability
  • Joomla 3D Users Cloud Module “tagcloud” Cross-Site Scripting Vulnerability
  • Joomla JE Job Component Two Vulnerabilities
  • Joomla JE Ajax Event Calendar Component “view” File Inclusion Vulnerability
  • Joomla JE Quotation Form Component “view” File Inclusion Vulnerability

2010.05.07.-2010.05.12.

  • Joomla Module Camp26 Visitor Data 1.1 Remote code Execution
  • Joomla Custom PHP Pages Component com_php LFI Vulnerability
  • Joomla Camp26 VisitorData Module Shell Command Injection Vulnerability
1. oldal1