FreeBSD : Joomla -- multiple vulnerabilities (1f935f61-075d-11db-822b-728b50d539a3)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Joomla Site reports :

- Secured 'Remember Me' functionality against SQL injection attacks

- Secured 'Related Items' module against SQL injection attacks

- Secured 'Weblinks' submission against SQL injection attacks

- Secured SEF from XSS vulnerability

- Hardened frontend submission forms against spoofing

- Secured mosmsg from misuse

- Hardened mosgetparam by setting variable type to integer if default
value is detected as numeric

- Secured com_messages from XSS vulnerability

- Secured getUserStateFromRequest() from XSS vulnerability

See also :

http://www.nessus.org/u?a011e42d
http://www.nessus.org/u?1642089f

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21788 (freebsd_pkg_1f935f61075d11db822b728b50d539a3.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now