The essential news about content management systems and mobile technology.
Powered by Joocial, XT Search for Algolia, and SlimApps.

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions; version 2.5.8 and earlier 2.5.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2012-October-31
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1453

Description

Method of encoding search terms led to possible information disclosure.

Affected Installs

Joo

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2013-January-13
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1454

Description

Coding errors led to information disclosure in some situations.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions.

Solu

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.6 and all earlier 2.5.x versions
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-July-2
  • Fixed Date: 2012-September-13

Description

Inadequate escaping of output leads to XSS vulnerability in language switcher module.

Affected Installs

Joomla! versions 2.5.6 and all earlier 2.5.x versions

Solutio

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2013-January-16
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1455

Description

Undefined variable caused information disclosure in some situations.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x

...

  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 2.5.6 and all earlier 2.5.x versions
  • Exploit type: XSS Vulnerability
  • Reported Date: 2012-April-30
  • Fixed Date: 2012-September-13

Description

Inadequate escaping of output leads to XSS vulnerability.

Affected Installs

Joomla! versions 2.5.6 and all earlier 2.5.x versions

Solution

Upgrade to version 2.5.7

R

...