Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Joomla! < 1.5.20 Multiple Vulnerabilities (deprecated)

Medium

Synopsis

The remote web server has an application that is vulnerable to multiple attack vectors.

Description

The remote web server is hosting Joomla!, a content management system written in PHP.

Versions of Joomla earlier than 1.5.20 are potentially affected by multiple vulnerabilities :

- A back-end user can inject SQL code which will lead to a MySQL error which shows internal path information. (Bug 20100701)

- Multiple cross-site scripting vulnerabilities in various administrative screens. (Bug 20100702, Bug 201000703, Bug 20100704)

Solution

Upgrade to Joomla! 1.5.20 or later.