foto1 foto2 foto3 foto4 foto5


Watch

Love

SFbBox by psd to wordpress

Click

Support

donate200

Mind

Film Fest

mf logo small

Event

immortalcon

Feed

Joomla! Security News

  1. [20180301] - Core - SQLi vulnerability User Notes

    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Versions: 3.5.0 through 3.8.5
    • Exploit type: SQLi
    • Reported Date: 2018-March-08
    • Fixed Date: 2018-March-12
    • CVE Number: CVE-2018-8045

    Description

    The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view

    Affected Installs

    Joomla! CMS versions 3.5.0 through 3.8.5

    Solution

    Upgrade to version 3.8.6

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Entropy Moe
  2. [20180104] - Core - SQLi vulnerability in Hathor postinstall message

    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Versions: 3.7.0 through 3.8.3
    • Exploit type: SQLi
    • Reported Date: 2017-November-17
    • Fixed Date: 2018-January-30
    • CVE Number: CVE-2018-6376

    Description

    The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.

    Affected Installs

    Joomla! CMS versions 3.7.0 through 3.8.3

    Solution

    Upgrade to version 3.8.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Karim Ouerghemmi, ripstech.com
  3. [20180103] - Core - XSS vulnerability in Uri class

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 1.5.0 through 3.8.3
    • Exploit type: XSS
    • Reported Date: 2017-November-17
    • Fixed Date: 2018-January-30
    • CVE Number: CVE-2018-6379

    Description

    Inadequate input filtering in the Uri class (formerly JUri) leads to a XSS vulnerability.

    Affected Installs

    Joomla! CMS versions 1.5.0 through 3.8.3

    Solution

    Upgrade to version 3.8.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Octavian Cinciu
  4. [20180102] - Core - XSS vulnerability in com_fields

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 3.7.0 through 3.8.3
    • Exploit type: XSS
    • Reported Date: 2018-January-20
    • Fixed Date: 2018-January-30
    • CVE Number: CVE-2018-6377

    Description

    Inadequate input filtering in com_fields leads to a XSS vulnerability in multiple field types, i.e. list, radio and checkbox.

    Affected Installs

    Joomla! CMS versions 3.7.0 through 3.8.3

    Solution

    Upgrade to version 3.8.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Benjamin Trenkle, JSST
  5. [20180101] - Core - XSS vulnerability in module chromes

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 3.0.0 through 3.8.3
    • Exploit type: XSS
    • Reported Date: 2018-January-21
    • Fixed Date: 2018-January-30
    • CVE Number: CVE-2018-6380

    Description

    Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.

    Affected Installs

    Joomla! CMS versions 3.0.0 through 3.8.3

    Solution

    Upgrade to version 3.8.4

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: David Jardin, JSST

Tube

Who is

IMDb

Out of My Head TV

youtube

TEAM GAME

sponsors

Visions

#DailyDose

Quote of the Day

247 Ink Mag

247

Tune in to The POD

podsmall

Films & Events
Peepers