Advertisement






Multiple vulnerabilities in Joomla 1.5 RC 1

CVE Category Price Severity
CVE-2009-3835 CWE-20 $500 High
Author Risk Exploitation Type Date
Anonymous High Remote 2007-09-12
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2007090025

Below is a copy:

There are several security bugs in Joomla 1.5 RC 1 :
1) An exploitable sql injection in the archive section . I sent the exploit
to the joomla developer, but here I am not going to publish it :)
2) A XSS bug, again in the archive section .
3) Several full path disclosure bugs . Direct access to many .../tmpl/...php
   files, will expose the full installation path .
Joomla has released a new version (Joomla 1.5 RC 2) .

- Omid

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum