
Joomla! < 1.5.16 Multiple Vulnerabilities

Medium

Synopsis

The remote web server has an application installed that is vulnerable to multiple attack vectors.

Description

The remote web server is hosting a version of Joomla! earlier than 1.5.16. Such versions are potentially affected by multiple security issues:

- If a user enters a URL with a negative query limit or offset, a PHP notice is displayed that reveals information about the system.

- The migration script in the Joomla! installer does not check the file type being uploaded.

- A user's session ID doesn't get modified when the user logs on.

- When a user requests a password reset, the reset token is stored in plain text in the database.

Solution

Upgrade to Joomla! 1.5.16 or later.