alvingiovanno
Apprentice 2.0
PHP:
Joomla! Security News
[20120302] - Core - XSS Vulnerability
Posted: 05 Mar 2012 06:00 AM PST
Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 2.5.1 and 2.5.0
Exploit type: XSS Vulnerability
Reported Date: 2012-February-29
Fixed Date: 2012-March-05
Description
Inadequate filtering leads to XSS vulnerability.
Affected Installs
Joomla! version 2.5.1 and 2.5.0.
Solution
Upgrade to version 2.5.2
Reported by Phil Purviance
Contact
The JSST at the Joomla! Security Center.
[20120301] - Core - SQL Injection
Posted: 05 Mar 2012 06:00 AM PST
Project: Joomla!
SubProject: All
Severity: High
Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.4
Exploit type: SQL Injection
Reported Date: 2012-February-29
Fixed Date: 2012-March-05
Description
Inadequate escaping leads to SQL injection vulnerability.
Affected Installs
Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
Solution
Upgrade to version 2.5.2
Reported by Colin Wong
Contact
The JSST at the Joomla! Security Center.tuh Tuan saya dapat email, yang pakek joomla 1.7 - 2.5 upgrade buru biar ga kena xss & SQLi
