747 matches found
[20190205] - Core - XSS Issue in core.js writeDynaList
Inadequate parameter handling in JS code could lead to an XSS attack vector...
[20181005] - Core - CSRF hardening in com_installer
Added additional CSRF hardening in cominstaller actions in the backend...
All Regular Labs extensions with editor buttons
All Regular Labs extensions with editor buttons, versions before 7 September 2018, cross site scripting XSS:- - Articles Anywhere - Conditional Content - Dummy Content - Modals - Modules Anywhere - Sliders - Snippets - Tabs - Tooltips The editor button popup urls could potentially be used...
[20190202] - Core - Browserside mime-type sniffing causes XSS attack vectors
A combination of specific webserver configurations, in connection with specific file types and browserside mime-type sniffing causes a XSS attack vector...
[20181001] - Core - Hardening com_contact contact form
Inadequate checks in comcontact could allowed mail submission in disabled forms...
Gantry package 5.4.26 ,Other
Gantry package containing "Twig" library creates folders with improper folder permissions. On some servers this may lead to world writeable folders. see https://github.com/gantry/gantry5/issues/2363 https://github.com/twigphp/Twig/issues/2353 developer states not a security issue within their...
Magiczoomplus for Joomla, 3.3.4, Insecure Folder Permissions
Magiczoomplus for Joomla, versions 3.3.4 and previous, Sensitive information disclosure, Insecure folder permissions, Remote call information disclosure. Resolution: update to 3.3.6 Update notice: https://www.magictoolbox.com/jv-release-update/ Note that the VEL do not agree with the developer's...
Forms by Balbooa.com,1.7.2,Information Disclosure
Forms by Balbooa.com,1.7.2,Information Disclosure Resolution: update to 1.7.4 there was a previous update 1.7.3 which did not entirely fix the issue update notice: https://support.balbooa.com/forum/joomla-forms/5441-balbooa-joomla-forms-v-1-7-4...
[20180801] - Core - Hardening the InputFilter for PHAR stubs
Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter...
Jcomments, version 3.0.5, Input Validation Vulnerability
jcomments,versions 3.0.5 and all previous, inadequate input validation of objectgroup parameter leads to possible exploits including arbitrary local file inclusion resolution: update to version 3.0.6 There is evidence that this is being actively exploited, so users are recommended to update ASAP...
J-Business Directory,4.9.3,SQL Injection
jBusiness Directory from CMS Junkie,4.9.3 and previous versions, SQL Injection, XSS resolution: update to 4.9.4 update notice: http://www.cmsjunkie.com/blog/joomlabusinessdirectory4-9-4release/ Note that the developer did not inform the VEL...
Magiczoomplus for Virtuemart, 4.9.4, Insecure Folder Permissions
Virtuemart plugin magiczoomplus v4.9.4 and previous, Sensitive information disclosure, Insecure folder permissions, Remote call information disclosure. Resolution: Update to 4.9.6 Update notice: https://www.magictoolbox.com/jv-release-update/ Note that the VEL do not agree with the developer's...
Kunena,5.0 - 5.1.1,Other
Kunena,5.0 - 5.1.1,Other Developer statement The Kunena team has announce the arrival of Kunena 5.1.2 K 5.1.2 which is now available for download as a native Joomla extension for J! 3.8.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the...
[20180803] - Core - ACL Violation in custom fields
Inadequate checks regarding disabled fields can lead to an ACL violation...
[20180802] - Core - Stored XSS vulnerability in the frontend profile
Inadequate output filtering on the user profile page could lead to a stored XSS attack...
Advertisement Board 3.1.0
Advertisement Board by Ordasoft, versions 3.1.0 and previous, SQL Injection Resolution: update to 3.1.4 Update notice:https://ordasoft.com/News/News/advertisement-board-security-update.html...
[20181002] - Core - Inadequate default access level for com_joomlaupdate
Joomla’s comjoomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access comjoomlaupdate and trigger a code execution...
[20181003] - Core - Access level Violation in com_tags
Inadequate checks on the tags search fields can lead to an access level violation...
Community Builder, 2.4.2
Community Builder, 2.4.1 and previous, resolution: update to 2.4.2 update notice: https://www.joomlapolis.com/news/18843-community-builder-2-4-2-security-maintenance-and-features-release...
Community Builder, 2.1.4, XSS
Community Builder, 2.1.4 and previous, XSS Cross site scripting resolution: update to 2.1.5 update notice: https://www.joomlapolis.com/news/18791-community-builder-2-1-5-security-and-maintenance-release...
booking calendar for joomla!
Booking Calendar for Joomla! update to 3.4.0 various security patches. Note END OF LIFE https://www.joomlabookingcalendar.com/last-update/ Last known version number 3.4.0...
[20180506] - Core - Filter field in com_fields allows remote code execution
Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option...
Nexevo Contact Form, Backdoor
Nexevo Contact Form, Backdoor Resolution: update to 1.0.2 Users should also check for the existence of a plugin called System - Section among their installed extensions. It is malware and needs to be removed and the site treated as hacked. Further information here:...
Admin Tools Pro, 5.0.2, Information Disclosure
Admin Tools Pro by Akeeba, versions 5.0.2 and previous, Information Disclosure Resolution: update to 5.1.0 Update notice: https://www.akeebabackup.com/news/1693-admin-tools-security-bulletin-may-2018.html...
[20180602] - Core - XSS vulnerability in language switcher module
In some cases the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page url...
[20180503] - Core - Information Disclosure about unpublished tags
Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission...
[20180601] - Core - Local File Inclusion with PHP 5.3
Our autoload code checks classnames to be valid, using the "classexists" function in PHP. In PHP 5.3 this function validates invalid names as valid, which can result in a Local File Inclusion...
Convert Forms, 2.0.3, CSV Injection
Convert Forms by Tassos.gr, versions 2.0.3 and previous, CSV Injection resolution: update to 2.0.4 update notice: https://www.tassos.gr/blog/convert-forms-2-0-4-security-release...
Gridbox com_gridbox, 2.4.0, Multiple Vulnerabilities
Gridbox comgridbox from balbooa.com, 2.4.0 and previous versions, multiple vulnerabilities including XSS, SQLi, arbitratry file download, insecure file upload, directory traversal Resolution: update to version 2.4.1.1 note that previous security release 2.4.1 fixed most of the issues but not all ...
Virtuemart 3.2.12 and previous, XSS
Virtuemart, versions 3.2.12 and previous, XSS Cross Site Scripting Resolution: update to 3.2.14 update notice: http://virtuemart.net/news/489-virtuemart-3-2-14-security-release-and-enhanced-invoice-handling...
jDownloads,3.2.58, XSS (Cross Site Scripting)
jDownloads, versions 3.2.58 and previous, XSS Cross Site Scripting resolution: update to 3.2.59 update notice: http://www.jdownloads.com/index.php/news/264-jdownloads-3-2-59-published.html...
Rapicode, Multiple Extensions, Back Door
Rapicode, nultiple extensions, current versions, back door Extensions affected are:- Rapi Content Ticker Rapi Content Carousel Rapi Cookie Consent Rapi Countdown Rapi Preloader Rapi Loading Progress Bar Rapi Page Animate At the moment the back door seems to be loading mining code, it can be used ...
JS Jobs,1.2.0,XSS (Cross Site Scripting)
JS Jobs from Joomsky.com, versions 1.2.0 and previous,XSS Cross Site Scripting resolution: update to 1.2.1 update notice: http://www.joomsky.com/products/js-jobs.html...
[20180508] - Core - Possible XSS attack in the redirect method
Under specific circumstances a redirect issued with a URI containing a username and password when the Location: header cannot be used, a lack of escaping the user-info component of the URI could result in a XSS vulnerability...
mobilejoomla, 2.1.24, malcious redirects
mobilejoomla,2.1.24, malicious redirects. google adsense file added that may redirect all sites adsense revenue to the developer. File is not deleted on removing extension. Developer statement Extension Update Details Previously the free version of the Mobile extension added a file called ads.txt...
Watchfulli SSO Plugin,1.2, Other
Watchfulli SSO Plugin, versions 1.2 and previous, Other Resolution: update to version 1.3 update notice: https://watchful.li/news-blog/news/new-watchful-clients-and-sso-plugin-enhance-encryption...
AcySMS, 3.5.0, CSV Injection
AcySMS by Acyba, versions 3.5.0 and previous, CSV Injection see https://vel.joomla.org/articles/2140-introducing-csv-injection resolution: update to 3.5.1 update notice: https://www.acyba.com/acysms/change-log.html...
CP Event Calendar, 3.0.2, SQL Injection
CP Event Calendar from joomlacalendars.com, versions 3.0.2 and previous, SQL Injection resolution: update to 3.0.3 update notice: http://www.joomlacalendars.com/updates/cp-event-calendar-3.0.3...
AcyMailing, 5.9.5, CSV Injection
AcyMailing by Acyba, versions 5.9.5 and previous, CSV Injection see https://vel.joomla.org/articles/2140-introducing-csv-injection Resolution: update to 5.9.6 update notice: https://www.acyba.com/acymailing/change-log.html...
Visual Calendar, 3.1.5, SQL Injection
Visual Calendar by Joomcalendars.com, versions 3.1.5 and previous, SQL Injection resolution: update to 3.1.6 update notice: http://www.joomlacalendars.com/updates/visual-calendar3.1.6...
Google Map Landkarten,4.2.3,SQL Injection
Google Map Landkarten from joomla-24.de, versions 4.2.3 and previous, SQL Injection...
Kunena,3.x - 5.0.13, Other
Kunena, 3.x - 5.0.13, Other - Normal user can take ownership from any user resolution: update to 5.0.14 update notice: https://www.kunena.org/blog/191-kunena-5-0-14-released...
[20180502] - Core - Add PHAR files to the upload blacklist
Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver...
Attachments, 3.2.5, SQL Injection
Attachments from jimcameron.net, versions 3.2.5 and previous, SQL Injection resolution: update to 3.2.6 update notice: http://jmcameron.net/attachments/...
JomEstate, 3.7, SQL Injection
JomEstate from comdev.eu, versions 3.7 and previous, SQL Injection resolution: resolved in version 3.8, current release is 4.1 update notice: none...
DT Register,3.2.7,SQL Injection
DT Register by DTH Development, versions 3.2.7 and previous, SQL Injection resolution: update to 3.2.8 update notice: https://www.dthdevelopment.com/dth-news/dt-register-328-security-update...
Fastball, SQL Injection
Fastball by Fastball Productions, versions yet to be determined but probably all, SQL Injection...
[20180501] - Core - ACL violation in access levels
Inadequate checks allowed users to modify the access levels of user groups with higher permissions...
[20180301] - Core - SQLi vulnerability User Notes
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view...
Simple Calendar,3.1.9,SQL Injection
Simple Calendar by Fabrizio Albonico, versions 3.1.9 and previous, SQL Injection...