Upgrade Joomla Anda

Halo,

Kami ingin memberitahukan bahwa ada informasi dari Joomla perihal security, mohon anda upgrade ke versi terbaru, sesuai yang disarankan di bawah ini:

Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-February-26
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3059
Description

Inadequate filtering leads to XSS vulnerability in Voting plugin.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Yannick Gaultier and Jeff Channell

[20130403] – Core – XSS Vulnerability
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-March-9
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3058
Description

Inadequate filtering allows possibility of XSS exploit in some circumstances.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: James Kettle

[20130402] – Core – Information Disclosure
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: Information Disclosure
Reported Date: 2013-March-29
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3057
Description

Inadequate permission checking allows unauthorised user to see permission settings in some circumstances.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Francois Gauthier

[20130404] – Core – XSS Vulnerability
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-February-15
Fixed Date: 2013-April-24
CVE Number: None
Description

Use of old version of Flash-based file uploader leads to XSS vulnerability.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Reginaldo Silva

[20130401] – Core – Privilege Escalation
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: Privilege Escalation
Reported Date: 2013-March-29
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3056
Description

Inadequate permission checking allows unauthorised user to delete private messages.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Francois Gauthier

[20130406] – Core – DOS Vulnerability
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Moderate
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: Denial of service vulnerability
Reported Date: 2013-February-18
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3242
Description

Object unserialize method leads to possible denial of service vulnerability.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Egidio Romano

[20130407] – Core – XSS Vulnerability
Posted: 23 Apr 2013 10:00 PM PDT
Project: Joomla!
SubProject: All
Severity: Low
Versions: 2.5.9 and earlier 2.5.x versions. 3.0.3 and earlier 3.0.x versions.
Exploit type: XSS Vulnerability
Reported Date: 2013-April-17
Fixed Date: 2013-April-24
CVE Number: CVE-2013-3267
Description

Inadequate filtering leads to XSS vulnerability in highlighter plugin.

Affected Installs

Joomla! version 2.5.9 and earlier 2.5.x versions; and version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 2.5.10,  3.1.0 or 3.0.4.

Contact

The JSST at the Joomla! Security Center.

Reported By: Vertical Pigeon

 
SingCat Team
Telp No:
021-7425-817 (Office)
0812-987-56-777 (Telkomsel)
Whatsapp/Line: 08-777-166-7086 (XL)
Kontak Form
YM ID: singcatzero
yahoo chat

Iklan