[20180505] – Core – XSS Vulnerabilities & additional hardening

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Moderate Severity: Moderate Versions: 3.0.0 through 3.8.7 Exploit type:XSS Reported Date:2018-February-02 & 2018-March-27 Fixed Date: 2018-May-22 CVE Number: CVE-2018-11326 Description Inadequate input Continue Reading

[20180503] – Core – Information Disclosure about unpublished tags

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Low Severity: Moderate Versions: 3.1.0 through 3.8.7 Exploit type: Information Disclosure Reported Date: 2018-April-27 Fixed Date: 2018-May-22 CVE Number: CVE-2018-11327 Description Inadequate Continue Reading

[20180501] – Core – ACL violation in access levels

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 2.5.0 through 3.8.7 Exploit type: ACL violation Reported Date: 2018-March-08 Fixed Date: 2018-May-22 CVE Number: CVE-2018-11323 Description Inadequate Continue Reading

Joomla Feed

[20180301] – Core – SQLi vulnerability User Notes

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: High Severity: Low Versions: 3.5.0 through 3.8.5 Exploit type: SQLi Reported Date: 2018-March-08 Fixed Date: 2018-March-12 CVE Number: CVE-2018-8045 Description The lack of type Continue Reading

Joomla Feed

[20180103] – Core – XSS vulnerability in Uri class

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 1.5.0 through 3.8.3 Exploit type: XSS Reported Date: 2017-November-17 Fixed Date: 2018-January-30 CVE Number: CVE-2018-6379 Description Inadequate input filtering in Continue Reading

Joomla Feed

[20180102] – Core – XSS vulnerability in com_fields

Joomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers! Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.7.0 through 3.8.3 Exploit type: XSS Reported Date: 2018-January-20 Fixed Date: 2018-January-30 CVE Number: CVE-2018-6377 Description Inadequate input filtering in com_fields Continue Reading