FreeBSD : joomla -- multiple vulnerabilities (8d10038e-515c-11df-83fb-0015587e2cc1)

High Nessus Plugin ID 46005


The remote FreeBSD host is missing a security-related update.


Joomla! reported the following vulnerabilities :

If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system..

The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server.

Session id doesn't get modified when user logs in. A remote site may be able to forward a visitor to the Joomla! site and set a specific cookie. If the user then logs in, the remote site can use that cookie to authenticate as that user.

When a user requests a password reset, the reset tokens were stored in plain text in the database. While this is not a vulnerability in itself, it allows user accounts to be compromised if there is an extension on the site with a SQL injection vulnerability.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 46005

File Name: freebsd_pkg_8d10038e515c11df83fb0015587e2cc1.nasl

Version: $Revision: 1.7 $

Type: local

Published: 2010/04/27

Modified: 2014/08/12

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:joomla15, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2010/04/26

Vulnerability Publication Date: 2010/04/23