News

Joomla! Developer Network - Security News

Joomla! - the dynamic portal engine and content management system

[20120202] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Moderate
- Versions: 1.7.4 and all earlier 1.7.x versions
- Exploit type: Information Disclosure
- Reported Date: 2012-January-06
- Fixed Date: 2012-February-02
Description

On some servers the error log could be read by unauthorised users.

Affected Installs

Joomla! version 1.7.4 and all earlier 1.7.x versions

Solution

Upgrade to version 2.5.1 or 1.7.5 or higher

Reported by Alain Rivest

Contact

The JSST at the Joomla! Security Center.
[20120203] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.0 and 1.7.0 - 1.7.4
- Exploit type: Information Disclosure
- Reported Date: 2012-January-29
- Fixed Date: 2012-February-02
Description

Inadequate validation leads to path disclosure in administrator.

Affected Installs

Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

Solution

Upgrade to version 2.5.1 or 1.7.5 or higher

Reported by Jakub Galczyk

Contact

The JSST at the Joomla! Security Center.
[20120201] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 2.5.0 and 1.7.0 - 1.7.4
- Exploit type: Information Disclosure
- Reported Date: 2012-January-29
- Fixed Date: 2012-February-02
Description

Inadequate validation leads to information disclosure in administrator.

Affected Installs

Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

Solution

Upgrade to version 1.7.5 or 2.5.1 or higher

Reported by Jakub Galczyk

Contact

The JSST at the Joomla! Security Center.
[20120103] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
- Exploit type: Information Disclosure
- Reported Date: 2011-December-19
- Fixed Date: 2012-January-24
Description

Inadequate filtering leads to information disclosure.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by Jean-Marie Simonet

Contact

The JSST at the Joomla! Security Center.
[20120101] - Core - Information Disclosure
- Project: Joomla!
- SubProject: All
- Severity: Low
- Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
- Exploit type: Information Disclosure
- Reported Date: 2012-January-07
- Fixed Date: 2012-January-24
Description

Inadequate filtering leads to information disclosure.

Affected Installs

Joomla! version 1.7.3 and all earlier versions

Solution

Upgrade to version 1.7.4 or 2.5.0 or higher

Reported by Cyrille Barthelemy

Contact

The JSST at the Joomla! Security Center.

Newsflash

There are no translations available.

Joomla! makes it easy to launch a Web site of any kind. Whether you want a brochure site or you are building a large online community, Joomla! allows you to deploy a new site in minutes and add extra functionality as you need it. The hundreds of available Extensions will help to expand your site and allow you to deliver new services that extend your reach into the Internet.

Latest News

Popular

News

Joomla! Developer Network - Security News

Description

Affected Installs

Solution

Contact

Description

Affected Installs

Solution

Contact

Description

Affected Installs

Solution

Contact

Description

Affected Installs

Solution

Contact

Description

Affected Installs

Solution

Contact

Newsflash