Ez úton közöljük az összegyűjtött májusi Joomla biztonsági hibákat, a már megszokott méretekkel rendelkezik:
2010.05.28.-2010.05.31.
- Joomla Medi-QnA Component “controller” File Inclusion Vulnerability
- Joomla “search” Cross-Site Scripting Vulnerability Input passed to the “search” parameter in administrator/index.php (when “option” is set to “com_users”, “com_trash”, “com_content”, “com_sections”, “com_categories”, “com_frontpage”, “com_messages”, “com_banners”, “com_contact”, “com_menus” when “task” is set to “view”, “com_newsfeeds”, “com_poll”, “com_weblinks”, “com_modules”, or “com_plugins”) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
- Joomla BF Quiz Component “catid” SQL Injection Vulnerability
- Joomla My Car Component Two Vulnerabilities
- Joomla com_quran SQL Injection vulnerability
- Joomla Component com_g2bridge LFI vulnerability
2010.05.19.-2010.05.27.
- Joomla Percha Multicategory Article Component “controller” File Inclusion
- Joomla com_qpersonel SQL Injection Remote Exploit
2010.05.13.-2010.05.18.
- Joomla Component FDione Form Wizard lfi vulnerability
- Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability
- Joomla Component advertising (com_aardvertiser) V2.0 Local File Inclusion Vulnerability
- Joomla Component com_konsultasi (sid) SQL Injection Vulnerability
- Joomla Component com_jequoteform – Local File Inclusion
- Joomla Component JE Job Local File Inclusion Vulnerability
- Joomla Component com_camp SQL Injection Vulnerability
- Joomla Component MS Comment LFI Vulnerability
- Joomla Component simpledownload LFI Vulnerability
- Joomla Tárhely Component com_event another sql injection Vulnerability
- Joomla Component com_event Multiple Vulnerabilities
- Joomla Component com_crowdsource SQL Injection
- Joomla Component com_packages SQL Injection Vulnerability
- Joomla 3D Users Cloud Module “tagcloud” Cross-Site Scripting Vulnerability
- Joomla JE Job Component Two Vulnerabilities
- Joomla JE Ajax Event Calendar Component “view” File Inclusion Vulnerability
- Joomla JE Quotation Form Component “view” File Inclusion Vulnerability
2010.05.07.-2010.05.12.
- Joomla Module Camp26 Visitor Data 1.1 Remote code Execution
- Joomla Custom PHP Pages Component com_php LFI Vulnerability
- Joomla Camp26 VisitorData Module Shell Command Injection Vulnerability