Home Technical Support Joomla Security News
jsst_logo_125x125 Below you will find the latest security news from Joomla.org's J.S.S.T. (Joomla Security Strike Team). It is imperitive for the security of your website and that of the server that you maintain your Joomla installation up to date with the latest release. If you require assistance in upgrading your website we are available to do this for you for the modest fee of $25. Simply contact us with the request and your login details and we will quickly perform the upgrade.

Joomla! Developer Network - Security News

Joomla! - the dynamic portal engine and content management system

  • — [20120202] - Core - Information Disclosure

       (Thursday, 02 February 2012 00:25)

    • Project: Joomla!
    • SubProject: All
    • Severity: Moderate
    • Versions: 1.7.4 and all earlier 1.7.x versions
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-06
    • Fixed Date: 2012-February-02

    Description

    On some servers the error log could be read by unauthorised users.

    Affected Installs

    Joomla! version 1.7.4 and all earlier 1.7.x versions

    Solution

    Upgrade to version 2.5.1 or 1.7.5 or higher

    Reported by Alain Rivest

    Contact

    The JSST at the Joomla! Security Center.

  • — [20120203] - Core - Information Disclosure

       (Thursday, 02 February 2012 00:25)

    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 2.5.0 and 1.7.0 - 1.7.4
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-29
    • Fixed Date: 2012-February-02

    Description

    Inadequate validation leads to path disclosure in administrator.

    Affected Installs

    Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

    Solution

    Upgrade to version 2.5.1 or 1.7.5 or higher

    Reported by Jakub Galczyk

    Contact

    The JSST at the Joomla! Security Center.

  • — [20120201] - Core - Information Disclosure

       (Thursday, 02 February 2012 00:25)

    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 2.5.0 and 1.7.0 - 1.7.4
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-29
    • Fixed Date: 2012-February-02

    Description

    Inadequate validation leads to information disclosure in administrator.

    Affected Installs

    Joomla! version 2.5.0, 1.7.4, and all earlier 1.7.x versions

    Solution

    Upgrade to version 1.7.5 or 2.5.1 or higher

    Reported by Jakub Galczyk

    Contact

    The JSST at the Joomla! Security Center.

  • — [20120103] - Core - Information Disclosure

       (Monday, 23 January 2012 04:45)

    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
    • Exploit type: Information Disclosure
    • Reported Date: 2011-December-19
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to information disclosure.

    Affected Installs

    Joomla! version 1.7.3 and all earlier versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by Jean-Marie Simonet

    Contact

    The JSST at the Joomla! Security Center.

  • — [20120101] - Core - Information Disclosure

       (Monday, 23 January 2012 04:45)

    • Project: Joomla!
    • SubProject: All
    • Severity: Low
    • Versions: 1.7.3 and all earlier 1.7 and 1.6 versions
    • Exploit type: Information Disclosure
    • Reported Date: 2012-January-07
    • Fixed Date: 2012-January-24

    Description

    Inadequate filtering leads to information disclosure.

    Affected Installs

    Joomla! version 1.7.3 and all earlier versions

    Solution

    Upgrade to version 1.7.4 or 2.5.0 or higher

    Reported by Cyrille Barthelemy

    Contact

    The JSST at the Joomla! Security Center.

 

Affordable Hosting

Charity Offers

Joomla Services

We support Drupal!

Joomla Security News

pembina.jpg

EcoHosting - Tucows Seal

paypal.png