News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Secunia.com:
Joomla! Multiple Vulnerabilities
July 30, 2007 @ 10:26:00

Secunia.com reports that multiple vulnerabilities have been found in the Joomla! content management system:

Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks.

The issues are marked as "less critical" but users should still update to the latest version to avoid these issues:

  • Certain unspecified input passed in com_search, com_content and mod_login is not properly sanitised before being returned to a user
  • Input passed to the "url" parameter is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers.
  • An error exists in the handling of sessions and can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.

See the original advisory post here.

0 comments voice your opinion now!
joomla content management cms vulnerability secunia joomla content management cms vulnerability secunia


blog comments powered by Disqus

Similar Posts

IBM developerWorks: Accessing third-party content with oEmbed and PHP

NewsForge: Choosing an open source CMS

Community News: Serendipity 1.1.3 and 1.2-beta2 released due to SQL exploit

DashExamples.com: Add a Content Security Policy(CSP) to your Web Site with PHP

Paul Jones: Action-Domain-Responder, Content Negotiation, and Routers


Community Events





Don't see your event here?
Let us know!


api library list unittest release series interview framework developer code podcast configure application community wordpress threedevsandamaybe laravel introduction language install

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework