Pentru a vedea versiunea instalării de Joomla, accesați fișierul CHANGELOG.php din directoriul site-ului, sau căutați în partea dreaptă sus în panoul de administrare.
Mai devreme am publicat un ghid despre instalare Joomla.
====
Joomla! Security News |
- [20101101] - Core - XSS Vulnerabilities
- [20101001] - Core - XSS Vulnerabilities
- [20100701] - Core - SQL Injection / Internal Path Exposure
- [20100702] - Core - XSS Vulnerabillitis in Back End
- [20100703] - Core - XSS Vulnerabilities in Back End
- [20100704] - Core - XSS Vulnerabilities in Back End
- [20100501] - Core - XSS Vulnerabilities in Back End
- [20100423] - Core - Negative Values for Limit and Offset
- [20100423] - Core - Installer Migration Script
Posted: 04 Nov 2010 09:04 AM PDT
DescriptionInadequate filtering of request variables causes database errors.Affected InstallsAll 1.5.x installs prior to and including 1.5.21 are affected.SolutionUpgrade to the latest Joomla! version (1.5.22 or later)Reported by YGN Ethical Hacker Group ContactThe JSST at the Joomla! Security Center. |
Posted: 08 Oct 2010 09:04 AM PDT
DescriptionInadequate filtering of multiple encoded entities permits XSS attacks in some circumstances.Affected InstallsAll 1.5.x installs prior to and including 1.5.20 are affected.SolutionUpgrade to the latest Joomla! version (1.5.21 or later)Reported by YGN Ethical Hacker Group ContactThe JSST at the Joomla! Security Center. |
Posted: 15 Jul 2010 09:04 AM PDT
DescriptionBack-end user can create MySQL error which shows internal path information in the error message.Affected InstallsAll 1.5.x installs prior to and including 1.5.19 are affected.SolutionUpgrade to the latest Joomla! version (1.5.20 or later)Reported by Andy Gorges ContactThe JSST at the Joomla! Security Center. |
Posted: 15 Jul 2010 09:04 AM PDT
DescriptionBack-end user can inject Javascript in various administrator screens.Affected InstallsAll 1.5.x installs prior to and including 1.5.19 are affected.SolutionUpgrade to the latest Joomla! version (1.5.20 or later)Reported by José Antonio Vázquez González ContactThe JSST at the Joomla! Security Center. |
Posted: 15 Jul 2010 09:04 AM PDT
DescriptionBack-end user can inject Javascript in various administrator screens.Affected InstallsAll 1.5.x installs prior to and including 1.5.19 are affected.SolutionUpgrade to the latest Joomla! version (1.5.20 or later)Reported by José Antonio Vázquez González ContactThe JSST at the Joomla! Security Center. |
Posted: 15 Jul 2010 09:04 AM PDT
DescriptionBack-end user can inject Javascript in various administrator screens.Affected InstallsAll 1.5.x installs prior to and including 1.5.19 are affected.SolutionUpgrade to the latest Joomla! version (1.5.20 or later)Reported by Mesut Timur. ContactThe JSST at the Joomla! Security Center. |
Posted: 27 May 2010 05:00 PM PDT
DescriptionBack-end user can inject javascript in various administrator screens.Affected InstallsAll 1.5.x installs prior to and including 1.5.17 are affected.SolutionUpgrade to the latest Joomla! version (1.5.18 or later)Reported by Riyaz Ahemed ContactThe JSST at the Joomla! Security Center. |
Posted: 23 Apr 2010 10:31 AM PDT
DescriptionIf a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system.Affected InstallsAll 1.5.x installs prior to and including 1.5.15 are affected.SolutionUpgrade to the latest Joomla! version (1.5.16 or later)Reported by Security List ContactThe JSST at the Joomla! Security Center. |
Posted: 23 Apr 2010 10:27 AM PDT
DescriptionThe migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server.Affected InstallsAll 1.5.x installs prior to and including 1.5.15 are affected.SolutionUpgrade to the latest Joomla! version (1.5.16 or later)Reported by Nicola Bettini ContactThe JSST at the Joomla! Security Center. |
Niciun comentariu:
Trimiteți un comentariu