• 301 777 99 61
  • nadosub@gmail.com

    News Feed Category

    Joomla! Security News

    1. [20180301] - Core - SQLi vulnerability User Notes

      • Project: Joomla!
      • SubProject: CMS
      • Impact: High
      • Severity: Low
      • Versions: 3.5.0 through 3.8.5
      • Exploit type: SQLi
      • Reported Date: 2018-March-08
      • Fixed Date: 2018-March-12
      • CVE Number: CVE-2018-8045

      Description

      The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view

      Affected Installs

      Joomla! CMS versions 3.5.0 through 3.8.5

      Solution

      Upgrade to version 3.8.6

      Contact

      The JSST at the Joomla! Security Centre.

      Reported By:Entropy Moe
    2. [20180104] - Core - SQLi vulnerability in Hathor postinstall message

      • Project: Joomla!
      • SubProject: CMS
      • Impact: High
      • Severity: Low
      • Versions: 3.7.0 through 3.8.3
      • Exploit type: SQLi
      • Reported Date: 2017-November-17
      • Fixed Date: 2018-January-30
      • CVE Number: CVE-2018-6376

      Description

      The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.

      Affected Installs

      Joomla! CMS versions 3.7.0 through 3.8.3

      Solution

      Upgrade to version 3.8.4

      Contact

      The JSST at the Joomla! Security Centre.

      Reported By: Karim Ouerghemmi, ripstech.com
    3. [20180103] - Core - XSS vulnerability in Uri class

      • Project: Joomla!
      • SubProject: CMS
      • Impact: Moderate
      • Severity: Low
      • Versions: 1.5.0 through 3.8.3
      • Exploit type: XSS
      • Reported Date: 2017-November-17
      • Fixed Date: 2018-January-30
      • CVE Number: CVE-2018-6379

      Description

      Inadequate input filtering in the Uri class (formerly JUri) leads to a XSS vulnerability.

      Affected Installs

      Joomla! CMS versions 1.5.0 through 3.8.3

      Solution

      Upgrade to version 3.8.4

      Contact

      The JSST at the Joomla! Security Centre.

      Reported By: Octavian Cinciu
    4. [20180102] - Core - XSS vulnerability in com_fields

      • Project: Joomla!
      • SubProject: CMS
      • Impact: Moderate
      • Severity: Low
      • Versions: 3.7.0 through 3.8.3
      • Exploit type: XSS
      • Reported Date: 2018-January-20
      • Fixed Date: 2018-January-30
      • CVE Number: CVE-2018-6377

      Description

      Inadequate input filtering in com_fields leads to a XSS vulnerability in multiple field types, i.e. list, radio and checkbox.

      Affected Installs

      Joomla! CMS versions 3.7.0 through 3.8.3

      Solution

      Upgrade to version 3.8.4

      Contact

      The JSST at the Joomla! Security Centre.

      Reported By:Benjamin Trenkle, JSST
    5. [20180101] - Core - XSS vulnerability in module chromes

      • Project: Joomla!
      • SubProject: CMS
      • Impact: Moderate
      • Severity: Low
      • Versions: 3.0.0 through 3.8.3
      • Exploit type: XSS
      • Reported Date: 2018-January-21
      • Fixed Date: 2018-January-30
      • CVE Number: CVE-2018-6380

      Description

      Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.

      Affected Installs

      Joomla! CMS versions 3.0.0 through 3.8.3

      Solution

      Upgrade to version 3.8.4

      Contact

      The JSST at the Joomla! Security Centre.

      Reported By: David Jardin, JSST

    Lugar y Horario de Trabajo

    Actualmente trabajamos en el complejo acuático, en la piscina semi-olimpica  de 5.00 a.m. a 8.00 a.m. todas las edades, de 4.00 a 6.00 p.m. niños entre 6 y 12 años, 6.00 a 8.00 p.m. adolescentes y adultos jovenes entre 14 años y 25 años, adultos de 8.00 a 9.30 p.m.

    Ultimas Noticias