Sicherheitsmeldungen

[20110305] - Core - CSRF Vulnerability Project: Joomla! SubProject: All Severity: Moderate Versions: 1.6.0 Exploit type: CSRF Vulnerability Reported Date: 2011-February-28 Fixed Date: 2011-March-07 Description Inadequate token checking causes cross site request forgery vulnerability. Affected Installs Joomla! version 1.6.0. Solution Upgrade to the latest Joomla! version (1.6.1 or later) Reported by Marius Van Rijnsoever Contact The JSST at the Joomla! Security Center. Read Full Article
[20110307] - Core - XSS Vulnerabilities Project: Joomla! SubProject: All Severity: Moderate Versions: 1.6.0 Exploit type: XSS Reported Date: 2011-March-02 Fixed Date: 2011-March-07 Description Inadequate filtering causes XSS vulnerabilities. Affected Installs Joomla! version 1.6.0. Solution Upgrade to the latest Joomla! version (1.6.1 or later) Reported by This e-mail address is being protected from spambots. You need JavaScript enabled to view it. Contact The JSST at the Joomla! Security Center. Read Full Article
[20110303] - Core - Information Disclosure Project: Joomla! SubProject: All Severity: Moderate Versions: 1.6.0 Exploit type: Information Disclosure Reported Date: 2011-February-22 Fixed Date: 2011-March-07 Description Inadequate filtering causes information disclosure. Affected Installs Joomla! version 1.6.0. Solution Upgrade to the latest Joomla! version (1.6.1 or later) Reported by Jeff Channell Contact The JSST at the Joomla! Security Center. Read Full Article
[20110406] - Core - XSS Vulnerabilities Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: XSS Vulnerabilities Reported Date: 2011-April-05 Fixed Date: 2011-April-14 Description Inadequate filtering causes XSS vulnerabilities. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Jeff Channell Contact The JSST at the Joomla! Security Center. Read Full Article
[20110401] - Core - Information Disclosure Project: Joomla! SubProject: All Severity: Low Versions: 1.5.22 and earlier Exploit type: Information Disclosure Reported Date: 2010-December-08 Fixed Date: 2011-April-04 Description Inadequate error checking causes information disclosure. Affected Installs Joomla! version 1.5.22 and all previous 1.5 versions Solution Upgrade to the latest Joomla! version (1.5.23 or later) Reported by Hannes Papenberg Contact The JSST at the Joomla! Security Center. Read Full Article
[20110405] - Core - XSS Vulnerabilities Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: XSS Vulnerabilities Reported Date: 2011-March-29 Fixed Date: 2011-April-14 Description Inadequate filtering causes XSS vulnerabilities. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Jeff Channell Contact The JSST at the Joomla! Security Center. Read Full Article
[20110407] - Core - Unauthorised Access Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: Unauthorised access Reported Date: 2011-March-17 Fixed Date: 2011-April-14 Description Inadequate permission checking causes potential for unauthorised access. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Elin Waring Contact The JSST at the Joomla! Security Center. Read Full Article
[20110409] - Core - Clickjacking Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: Clickjacking Reported Date: 2011-March-30 Fixed Date: 2011-April-14 Description Inadequate protection leads to clickjacking vulnerability. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by Aung Khant, YGN Ethical Hacker Group Contact The JSST at the Joomla! Security Center. Read Full Article
[20110402] - Core - Information Disclosure Project: Joomla! SubProject: All Severity: Low Versions: 1.6.1 and 1.6.0 Exploit type: Information Disclosure Reported Date: 2011-March-28 Fixed Date: 2011-April-14 Description Inadequate error checking causes information disclosure. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by YGN Ethical Hacker Group Contact The JSST at the Joomla! Security Center. Read Full Article
[20110408] - Core - SQL Injection Project: Joomla! SubProject: All Severity: Medium Versions: 1.6.1 and 1.6.0 Exploit type: SQL Injection Reported Date: 2011-March-12 Fixed Date: 2011-April-14 Description Unescaped values in query leads to SQL injection vulnerability. Affected Installs Joomla! version 1.6.1 and 1.6.0 versions Solution Upgrade to the latest Joomla! version (1.6.2 or later) Reported by anonymous. Contact The JSST at the Joomla! Security Center. Read Full Article
Seite 18 von 18