[20181002] – Core – Inadequate default access level for com_joomlaupdate

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 2.5.4 through 3.8.12 Exploit type: Object Injection Reported Date: 2018-June-21 Fixed Date: 2018-October-02 CVE Number: CVE-2018-17856 Description Joomla’s Continue Reading

[20180803] – Core – ACL Violation in custom fields

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 3.7.0 through 3.8.11 Exploit type: ACL Violation Reported Date: 2018-July-10 Fixed Date: 2018-August-28 CVE Number: CVE-2018-15881 Description Inadequate Continue Reading

[20180801] – Core – Hardening the InputFilter for PHAR stubs

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 1.5.0 through 3.8.11 Exploit type: Malicious file upload Reported Date: 2018-August-23 Fixed Date: 2018-August-28 CVE Number: CVE-2018-15882 Description Continue Reading

Joomla 3.8.10 Release

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Joomla 3.8.10 is now available. This is a bug fix release addressing one bug introduced into 3.8.9 which affects Windows servers. What’s in 3.8.10? Joomla 3.8.10 is Continue Reading

[20180602] – Core – XSS vulnerability in language switcher module

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 1.6.0 through 3.8.8 Exploit type: XSS Reported Date: 2018-May-07 Fixed Date: 2018-June-26 CVE Number: CVE-2018-12711 Description In some Continue Reading

[20180601] – Core – Local File Inclusion with PHP 5.3

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 2.5.0 through 3.8.8 Exploit type: LFI Reported Date: 2018-April-23 Fixed Date: 2018-June-26 CVE Number: CVE-2018-12712 Description Our autoload Continue Reading

[20180509] – Core – XSS vulnerability in the media manager

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 1.5.0 through 3.8.7 Exploit type: XSS Reported Date: 2017-October-28 Fixed Date: 2018-May-22 CVE Number: CVE-2018-6378 Description Inadequate filtering Continue Reading

[20180507] – Core – Session deletion race condition

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Medium Severity: Low Versions: 3.0.0 through 3.8.7 Exploit type: Session race condition Reported Date: 2017-July-08 Fixed Date: 2018-May-22 CVE Number: CVE-2018-11324 Description Continue Reading

>