|
|
| (15 intermediate revisions by 3 users not shown) |
| Line 1: |
Line 1: |
| − | {{RightTOC}} | + | {{Archived|106908}} |
| − | | |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_ajaxchat'''
| |
| − | | Summary: PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat ('''com_ajaxchat''') component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.New version release December 22,2009
| |
| − | Published: october 28 2009
| |
| − | | [[NIST:CVE-2009-3822|CVE-2009-3822]]
| |
| − | | style="background:#cef2e0; color:white" | [http://extensions.joomla.org/extensions/communication/chat/10767 update v 1.1]
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_booklibrary'''
| |
| − | | PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary ('''com_booklibrary''') component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than [[NIST:CVE-2009-2637|CVE-2009-2637]]. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 10/28/2009
| |
| − | CVSS Severity: 7.5 (HIGH)
| |
| − | | [[NIST:CVE-2009-3817|CVE-2009-3817]]
| |
| − | | style="background:#cef2e0; color:black" | '''[http://ordasoft.com/Download/Joomla1.0-extensions/Joomla1.0-components/View-category.html developer site updates]'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_foobla_suggestions'''
| |
| − | | Summary: SQL injection vulnerability in the foobla Suggestions ('''com_foobla_suggestions''') component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php.
| |
| − | Published: 10/11/2009
| |
| − | CVSS Severity: 7.5 (HIGH)
| |
| − | | [[NIST:CVE-2009-3669|CVE-2009-3669]]
| |
| − | | style="background:#cef2e0; color:white" | [http://foobla.com/news/latest/fixed-foobla-suggestions-for-joomla-idea_id-sql-injection-vulnerability.html developer reported upgrade]
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_djcatalog'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the DJ-Catalog ('''com_djcatalog''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
| |
| − | Published: 10/11/2009
| |
| − | CVSS Severity: 6.8 (MEDIUM)
| |
| − | | [[NIST:CVE-2009-3661|CVE-2009-3661]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_cbresumebuilder'''
| |
| − | | Summary: SQL injection vulnerability in the JoomlaCache CB Resume Builder (''''''com_cbresumebuilder''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php.
| |
| − | Published: 10/09/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3645|CVE-2009-3645]]
| |
| − | | style="background:#cef2e0; color:white" |'''[http://www.joomlacache.com/commercial-extensions/security-update.html Developer Update]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_soundset'''
| |
| − | | Summary: SQL injection vulnerability in the Soundset ('''com_soundset''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php.
| |
| − | Published: 10/09/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3644|CVE-2009-3644]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" |'''com_sportfusion'''
| |
| − | | Summary: SQL injection vulnerability in the Kinfusion SportFusion ('''com_sportfusion''') component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3491|CVE-2009-3491]]
| |
| − | | style="background:red; color:white" |'''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_icrmbasic'''
| |
| − | | Summary: A certain interface in the iCRM Basic ('''com_icrmbasic''') component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3481|CVE-2009-3481]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_mytube'''
| |
| − | | Summary: SQL injection vulnerability in the MyRemote Video Gallery ('''com_mytube''') component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3446|CVE-2009-3446]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_fastball'''
| |
| − | | Summary: SQL injection vulnerability in the Fastball ('''com_fastball''') component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3443|CVE-2009-3443]]
| |
| − | | style="background:#cef2e0; color:white" | [http://www.fastballproductions.com latest version] 1.2.1
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_facebook'''
| |
| − | | Summary: SQL injection vulnerability in the JoomlaFacebook ('''com_facebook''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3438|CVE-2009-3438]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_tupinambis'''
| |
| − | | Summary: SQL injection vulnerability in the Tupinambis ('''com_tupinambis''') component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3434|CVE-2009-3434]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''com_idoblog'''
| |
| − | | Summary: SQL injection vulnerability in the IDoBlog ('''com_idoblog''') component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than [[NIST:CVE-2008-2627|CVE-2008-2627]].
| |
| − | Published: 09/25/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3417|CVE-2009-3417]]
| |
| − | | style="background:#cef2e0; color:white" |'''[http://idojoomla.com/download.html/ '''New Version v 1.1''' (build 32)]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3368|CVE-2009-3368]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the ('''1''') h_id, ('''2''') id, and ('''3''') rid parameters to longDesc.php, and the h_id parameter to ('''4''') detail.php, ('''5''') detail1.php, ('''6''') detail2.php, ('''7''') detail3.php, ('''8''') detail4.php, ('''9''') detail5.php, ('''10''') detail6.php, ('''11''') detail7.php, and ('''12''') detail8.php, different vectors than [[NIST:CVE-2008-5865|CVE-2008-5865]], [[NIST:CVE-2008-5874|CVE-2008-5874]], and [[NIST:CVE-2008-5875|CVE-2008-5875]].
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3357|CVE-2009-3357]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''com_alphauserpoints'''
| |
| − | | Summary: SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints ('''com_alphauserpoints''') component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3342|CVE-2009-3342]]
| |
| − | | style="background:#cef2e0; color:white" |'''[http://www.alphaplug.com/index.php/news/142-alphauserpoints-153-released.html 1.5.3]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''TurtuShout'''
| |
| − | | Summary: SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3335|CVE-2009-3335]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jinc'''
| |
| − | | Summary: SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component ('''aka JINC or com_jinc''') component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3334|CVE-2009-3334]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_jbudgetsmagic'''
| |
| − | | Summary: SQL injection vulnerability in the JBudgetsMagic ('''com_jbudgetsmagic''') component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3332|CVE-2009-3332]]
| |
| − | | style="background:#cef2e0; color:white" | '''[http://sopinet.com/jbudgetsmagic/index.php?option=com_remository&Itemid=5&lang=en Update to 0.4.1]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_surveymanager'''
| |
| − | | Summary: SQL injection vulnerability in the Focusplus Developments Survey Manager ('''com_surveymanager''') component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3325|CVE-2009-3325]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_album'''
| |
| − | | Summary: Directory traversal vulnerability in the Roland Breedveld Album ('''com_album''') component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. ('''dot dot''') in the target parameter to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3318|CVE-2009-3318]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_jreservation'''
| |
| − | | Summary: SQL injection vulnerability in the [http://extensions.joomla.org/extensions/vertical-markets/booking-a-reservation/9798 JReservation] ('''com_jreservation''') component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3316|CVE-2009-3316]]
| |
| − | | style="background:#cef2e0; color:black" | [http://www.jforjoomla.com Updated 28th] Jan fixed 13th Nov
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''IXXO Cart Standalone'''
| |
| − | | Summary: SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
| |
| − | Published: 09/16/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3215|CVE-2009-3215]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_digifolio'''
| |
| − | | Summary: SQL injection vulnerability in the DigiFolio ('''com_digifolio''') component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php.
| |
| − | Published: 09/15/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3193|CVE-2009-3193]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_aclassf'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in '''gmap.php''' in the Almond Classifieds ('''com_aclassf''') component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
| |
| − | Published: 09/10/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3155|CVE-2009-3155]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_aclassf'''
| |
| − | | Summary: SQL injection vulnerability in the Almond Classifieds ('''com_aclassf''') component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than [[NIST:CVE-2009-2567|CVE-2009-2567]].
| |
| − | Published: 09/10/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3154|CVE-2009-3154]]
| |
| − | | style="background:#cef2e0; color:white" | [http://www.almondsoft.com/alcl.html Developer latest component]
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jabode'''
| |
| − | | Summary: SQL injection vulnerability in Jabode horoscope extension ('''com_jabode''') for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
| |
| − | Published: 09/08/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | |
| − | | [[NIST:CVE-2008-7169|CVE-2008-7169]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_gameserver'''
| |
| − | | Summary: SQL injection vulnerability in the Game Server ('''com_gameserver''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3063|CVE-2009-3063]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_artportal'''
| |
| − | | Summary: SQL injection vulnerability in the Artetics.com Art Portal ('''com_artportal''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3054|CVE-2009-3054]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_agora'''
| |
| − | | Summary: Directory traversal vulnerability in the Agora ('''com_agora''') component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 6.8 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3053|CVE-2009-3053]]
| |
| − | | style="background:#cef2e0; color:white" |'''[http://jvitals.com/index.php?option=com_rokdownloads&view=file&Itemid=108&id=282:agora-3-0 3.0.7]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_simpleshop'''
| |
| − | | Summary: SQL injection vulnerability in the Simple Shop Galore ('''com_simpleshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than [[NIST:CVE-2008-2568|CVE-2008-2568]]. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
| |
| − | Published: 08/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-7033|CVE-2008-7033]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_groups'''
| |
| − | | Summary: SQL injection vulnerability in the Permis ('''com_groups''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 08/17/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-2789|CVE-2009-2789]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | | |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''com_content'''
| |
| − | | Summary: SQL injection vulnerability in the content component ('''com_content''') 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a blogcategory action to index.php.
| |
| − | Published: 08/10/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6923|CVE-2008-6923]]
| |
| − | | style="background:#cef2e0; color:white" |'''[http://developer.joomla.org/security/news/305-20091103-core-front-end-editor-issue-.html Resolution]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: SQL injection vulnerability in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6883|CVE-2008-6883]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6882|CVE-2008-6882]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to ('''1''') getChat.php, ('''2''') getChatRoom.php, and ('''3''') getSavedChatRooms.php.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6881|CVE-2008-6881]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''JUMI'''
| |
| − | | There is a backdoor in JUMI that installs itself when JUMI is installed on your web site. It sends your credentials to a website, and sets up a back door for remote code execution.
| |
| − | Please remove JUMI2.0.5 immediately.
| |
| − | It will be simple enough to remove the compromised code from this download, but you need to do
| |
| − | a full security audit on your site as well as you have been compromised. Added November 2009
| |
| − | | [http://code.google.com/p/jumi/updates/list Report]
| |
| − | | style="background:#cef2e0; color:white" |[http://code.google.com/p/jumi/updates/list Jumi Update]
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''com_photoblog'''
| |
| − | | Input Validation Error Added November 2009
| |
| − | | [http://www.securityfocus.com/bid/36809/ 36809]
| |
| − | | style="background:#cef2e0; color:white" |[http://webguerilla.net/downloads/3-components-for-joomla-1 webguerilla Photoblog alpha 3b]
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jshop'''
| |
| − | | Summary: SQL injection vulnerability in the JShop ('''com_jshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php.
| |
| − | Published: 11/02/2009
| |
| − | CVSS Severity: 7.5 '''(HIGH)'''
| |
| − | | [[NIST:CVE-2009-3835|CVE-2009-3835]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''BF Survey Pro'''
| |
| − | | Summary: SQL injection vulnerability in the '''BF Survey Pro''' v1.2.5 or lower (fixed in version 1.2.6). '''BF Survey Basic v1.0''' (fixed in version 1.1). '''BF Quiz v1.1.1''' (fixed in version 1.2 or greater) Added November 2009
| |
| − | | [http://www.tamlyncreative.com.au/software/forum/index.php?topic=357.0 tamlyncreative.com.au]
| |
| − | | style="background:#cef2e0; color:white" |[http://www.tamlyncreative.com.au/software/forum/index.php?topic=357.0 update]
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''Joo!BB 0.9.1 '''
| |
| − | | Summary: Persistent XSS/MySQL Injection vulnerabilities in Joo!BB 0.9.1 Added November 2009
| |
| − | | [http://www.joobb.org/community/board/topic/700-MultipleXSSSQLInjectionVulnerabilities.html joob.org]
| |
| − | | style="background:#cef2e0; color:white" |[http://www.joobb.org/downloads/components.html update]
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" |'''sh404sef '''
| |
| − | | Summary: sh404sef URI XSS Vulnerability Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/sh404sef-uri-xss-vulnerability.html jeffchannell.com]
| |
| − | | style="background:#cef2e0; color:white" |[http://extensions.siliana.com/en/2009060876/sh404SEF-and-url-rewriting/Interim-release-of-sh404sef-for-Joomla-1.5.x.html update]
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''AWD Wall 1.5'''
| |
| − | | Summary '''AWD Wall 1.5''' Blind SQL Injection Vulnerability.The Joomla component AWD Wall 1.5 suffers from an SQL Injection vulnerability in its handling of the 'cbuser' parameter.Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/awd-wall-15-blind-sql-injection-vulnerability.html Notice]
| |
| − | |style="background:#cef2e0; color:white" | '''[http://www.awdsolution.com/template_demo/testsite/index.php?option=com_content&view=article&id=48&Itemid=72 developer update]'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''EasyBook 2.0.0rc4'''
| |
| − | | Summary: The Joomla component '''EasyBook 2.0.0rc4''' suffers from multiple persistent XSS vulnerabilities. One seems fairly critical, while the others would take some incredible creativity to actively exploit. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/easybook-200rc4-multiple-xss-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''F!BB 1.5.96'''
| |
| − | | Summary: The Joomla component '''F!BB 1.5.96 RC''' suffers from multiple persistent XSS vulnerabilities, as well SQL Injection in its user search feature. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/fbb-1596-rc-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''Testimonial Ku 2.0 Admin Panel'''
| |
| − | | Summary: The Joomla component '''Testimonial Ku 2.0''' is vulnerable to persistent XSS in the administrator panel. A malicious user can submit a testimonial containing <script> tags with absolutely no quotes and inject that script into the administrator panel through any of the available inputs except "email". Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/testimonial-ku-20-admin-panel-persistent-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''MS Comment 0.8.0b'''
| |
| − | | Summary '''MS Comment 0.8.0b for Joomla''', a commenting plugin, suffers from an multiple vulnerabilities. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/ms-comment-080b-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | '''!JoomlaComment 4.0 beta1'''
| |
| − | | Summary: '''!JoomlaComment 4.0 beta1''', a commenting plugin, suffers from multiple XSS vulnerabilities. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/joomlacomment-40-beta1-multiple-xss-vulnerabilities.html Alert]
| |
| − | | style="background:#cef2e0; color:white" | ''' [http://compojoom.com/blog/8-news/121-joomlacomment-40-rc1-released Developer Notice 4.0 rc1]''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''WebAmoeba Ticket System 3.0.0'''
| |
| − | | Summary: '''WebAmoeba Ticket System 3.0.0''', a Joomla help desk component. The vulnerability is with the BBCode library used to parse BBCode tags, as it does not strip javascript: urls from [url] tags. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/webamoeba-ticket-system-300-bbcode-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Kunena 1.5.x'''
| |
| − | |Summary: This is an important security release and users are urged to update immediately. Five security issues and an Internet Explorer 8 table bug have been resolved in this release. This release also contains many other important bug fixes. Added 18 November 2009
| |
| − | |[http://www.kunena.com/blog/19-developer-blog/51-kunena-157-security-release-now-available Advisory]
| |
| − | |style="background:#cef2e0; color:white" |[http://www.kunena.com/blog/19-developer-blog/52-kunena-158-service-release-now-available Latest 1.5.8 Version]
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_siirler'''
| |
| − | | Summary: SQL injection vulnerability in the '''Q-Proje Siirler Bileseni (com_siirler)''' component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3972 | CVE-2009-3972]]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''jTips (com_jtips)'''
| |
| − | |SUmmary:SQL injection vulnerability in the '''jTips (com_jtips)''' component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3971 |CVE-2009-3971]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''NinjaMonials'''
| |
| − | | Summary: SQL injection vulnerability in the '''NinjaMonials (com_ninjacentral)''' component 1.1.0 for '''Joomla 1.0.x''' ! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3964 | CVE-2009-3964]]
| |
| − | |style="background:#cef2e0; color:white" |''' [http://ninjaforge.com/index.php?option=com_ninjacentral&page=show_package&id=14&Itemid=235 developer patch Ver 1.2]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''webee 1.1.1 &1.2'''
| |
| − | |Summary: '''webee 1.1.1,''' a Joomla commenting plugin, suffers from multiple vulnerabilities. '''webee has been updated to 1.2''' as of 12 November 2009 and''' still suffers''' from SQL Injection. XSS was not tested in 1.2. Added 19 November 2009
| |
| − | | [http://jeffchannell.com/Joomla/webee-111-multiple-vulnerabilities.html jeffchannell.com]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://extensions.joomla.org/extensions/contacts-and-feedback/articles-comments/10155 developer update ver2.0]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''iF Portfolio Nexus'''
| |
| − | |Summary: The '''iF Portfolio Nexus component for Joomla!''' is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements using the id parameter, which could allow the attacker to view, add, modify or delete information in the back-end database. Nov 18, 2009
| |
| − | |[http://secunia.com/advisories/37408/ secunia.com 37408/]
| |
| − | |style="background:#cef2e0; color:white" |[http://www.inertialfate.za.net/help/forums/topic?id=10&p=3#p172 iF Portfolio Nexus v1.1.1 released]
| |
| − | | |
| − | |-
| |
| − | |style="background:red; color:white" | '''JoomClip'''
| |
| − | |Summary: The '''JoomClip component for Joomla!''' is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php script using the cat parameter, which could allow the attacker to view, add, modify or delete information in the back-end database. Nov 18, 2009
| |
| − | |[http://secunia.com/advisories/37400/ secunia.com 37400/]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Joomla XML'''
| |
| − | |Summary: Joomla! before 1.5.15 allows remote attackers to read an extension's XML file, and thereby obtain the extension's version number, via a direct request.
| |
| − | Published: 11/16/2009
| |
| − | |[[NIST:CVE-2009-3946 | CVE-2009-3946]]
| |
| − | |style="background:#cef2e0; color:white" |'''[http://developer.joomla.org/security/news/306-20091103-core-xml-file-read-issue.html Resolution]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Mygallery Remote SQL Injection Vulnerability'''
| |
| − | |Summary: Joomla Component mygallery ( farbinform_krell) Remote SQL Injection Vulnerability Added 27 Nov 2009 {{JVer|1.5}} NB: This could be an error in our database as the only one we could find was for wordpress.If anyone know of one for joomla please let us know..(poss joomlicious.com CM)
| |
| − | |[http://www.exploit-db.com]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Extreme Google Calendar'''
| |
| − | |Summary: '''com_gcalendar 1.1.2''' (gcid) Remote SQL Injection Vulnerability
| |
| − | Remote SQL Injection were identified in Google Calendar Component [http://extensions.joomla.org/extensions/calendars-a-events/calendars/4188 Extension Link] Added 27 Nov 2009
| |
| − | |[http://www.exploit-db.com reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''LyftenBloggie'''
| |
| − | | Summary: [http://www.lyften.com/products/lyftenbloggie.html LyftenBloggie] Component "author" SQL Injection Vulnerability LyftenBloggie 1.x Added 27 Nov 2009
| |
| − | |[http://secunia.com/advisories/product/28005/ SA37499]
| |
| − | | [http://jeffchannell.com/Joomla/lyften-bloggie-sql-injection-fix.html Un official fix]. Developer fix not release at 30 Nov 09 ''' [http://www.lyften.com/products/lyftenbloggie/extensions/download/id-20.html 1.0.4a (last update on Dec 28, 2009)]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Sermon speaker'''
| |
| − | |Summary: [http://joomlacode.org/gf/project/sermon_speaker sermon speaker] sql vulnerability and password reset vulnerability version 3.2 and below
| |
| − | |
| |
| − | |style="background:#cef2e0; color:white" |[http://joomlacode.org/gf/project/sermon_speaker/forum/?action=ForumBrowse&forum_id=7897&_forum_action=ForumMessageBrowse&thread_id=15219 Developer fix] 30 Nov 2009
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:white" | [http://joomlacode.org/gf/project/musicgallery/ MusicGallery]
| |
| − | |Summary: [http://joomlacode.org/gf/project/musicgallery/ Component MusicGallery] SQL Injection Vulnerability 30 November {{JVer|1.5}}
| |
| − | |[[NIST:CVE-2009-4217 | CVE-2009-4217]]
| |
| − | |style="background:#cef2e0; color:black" | [http://joomlacode.org/gf/project/musicgallery/ developer]
| |
| − | |}
| |
| − | | |
| − | ----
| |
| − | | |
| − | == December 2009 Compiled Reports ==
| |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Omilen Photo Gallery'''
| |
| − | |Summary: Directory traversal vulnerability in the [http://extensions.joomla.org/extensions/photos-&-images/photo-flash-gallery/6373/details Omilen Photo Gallery] (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
| |
| − | Published: 12/04/2009
| |
| − | |[[NIST:CVE-2009-4202 | CVE-2009-4202]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Seminar'''
| |
| − | |Summary: SQL injection vulnerability in the [http://seminar.vollmar.ws/ Seminar] (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
| |
| − | Published: 12/04/2009
| |
| − | |[[NIST:CVE-2009-4200 | CVE-2009-4200]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Mambo Resident'''
| |
| − | |Summary: Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php. Mambo Resident component for v4.5.2 '''may only be for 1.0.xx versions of J!'''
| |
| − | Published: 12/04/2009
| |
| − | |[[NIST:CVE-2009-4199 | CVE-2009-4199]]
| |
| − | |style="background:#cef2e0; color:white" |[http://www.jomres.net/ Replacement Extension 08 dec 09]
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''ProofReader'''
| |
| − | |Summary: Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. Published: 12/02/2009 CVSS Severity: 4.3 (MEDIUM)
| |
| − | | [[NIST:CVE-2009-4157 | CVE-2009-4157]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Laoneo Google Calendar GCalendar'''
| |
| − | |Summary: SQL injection vulnerability in the [http://g4j.laoneo.net/content/extensions/download/cat_view/20-joomla-15x/21-gcalendar.html Google Calendar GCalendar] (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information. Published: 11/29/2009 CVSS Severity: 7.5 (HIGH) Note: There is already a listing for GCalendar 1.1.2
| |
| − | |[[NIST:CVE-2009-4099 | CVE-2009-4099]]
| |
| − | |style="background:#cef2e0; color:white" | [http://g4j.laoneo.net/content/extensions/download/doc_details/28-gcalendar-suite-215.html Latest version GCalendar Suite 2.1.5]
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''D4J eZine'''
| |
| − | |Summary: PHP remote file inclusion vulnerability in class/php/d4m_ajax_pagenav.php in the D4J eZine (com_ezine) component 2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS mosConfig_absolute_path parameter. Published: 11/29/2009 CVSS Severity: 7.5 (HIGH)
| |
| − | |[[NIST:CVE-2009-4094 | CVE-2009-4094]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''Quick News'''
| |
| − | | Summary: The Joomla [http://joomlacode.org/gf/project/quicknews/ Quick News component] suffers from a remote SQL injection vulnerability. added 1st Dec 09
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Joaktree component'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/miscellaneous/genealogy/9842 Joaktree] Vulnerability : SQL injection/ added 1st Dec 09
| |
| − | |[http://securityreason.com/exploitalert/7508 7508]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://naastniels.nl/index.php/en/joaktree/downloads version 1.1 update]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''mojoblog'''
| |
| − | |Summary [http://www.joomlify.com/files/mojoblog/ MojoBlog] Multiple Remote File Include Vulnerability added 1st Dec 09 {{JVer|1.5}}
| |
| − | |[http://securityreason.com/exploitalert/7509 7509]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''YJ Whois'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/external-contents/domain-search/5774 YJ Whois] '''Low security risk''',and fixesMalicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account. Files affected is , modules/mod_yj_whois.php added 3 December 09
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" |[http://www.youjoomla.com/xss-security-patch-for-yj-whois.html Developer Notice and fix 03 dec 09]
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''yt_color YOOOtheme'''
| |
| − | |Summary: [http://www.yootheme.com/ YT_color yootheme] Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account. added 5 dec 09
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.yootheme.com/member-area/downloads/item/templates-15/xss-and-php-53-patches All members without an active membership can download the template patches here].'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''TP Whois'''
| |
| − | |summary: [http://www.templateplazza.com/view-details/tpwhois/183-component-tp-whois-for-joomla-1.5.x.html TP Whois ] Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account. Added 3 december {{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Refrence]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_job'''
| |
| − | |Summary: Component com_job ( showMoreUse) SQL injection vulnerability Added 9th Dec
| |
| − | |[http://xforce.iss.net/xforce/xfdb/54626 Reference]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''JQuarks'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/contacts-and-feedback/quiz-a-surveys/10590 JQuarks] SQL injection vulnerability {{JVer|1.5}} added 8th dec 09
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | [http://www.iptechinside.com/labs/projects/list_files/jquarks Developer Update ]
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Mamboleto Component 2.0 RC3'''
| |
| − | |Summary: [http://www.fernandosoares.com.br/index.php?option=com_docman&task=cat_view&gid=28&Itemid=28 Mamboleto Component 2.0 RC3]SQL injection vulnerability {{JVer|1.5}} added 12 December
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black" | ''' JS JOBS'''
| |
| − | |Summary [http://www.joomshark.com/index.php?option=com_content&view=article&id=4&Itemid=8 JS JOBS] Joomla Component com_jsjobs 1.0.5.6 SQL Injection Vulnerabilities {{JVer|1.5}} added 12 December
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.joomsky.com/index.php?option=com_rokdownloads&view=folder&Itemid=3&id=2:components Developer update 1.0.5.7]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''corePHP JPhoto'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10365 'corePHP' JPhoto]SQL injection vulnerability {{JVer|1.5}} added 12 December
| |
| − | |[http://secunia.com/advisories/37676/ Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.corephp.com/blog/uber-fast-jphoto-security-release/ Developer Upgrade]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''com_virtuemart'''
| |
| − | |Summary: "com_virtuemart" http://virtuemart.net/ '''Version : 1.0''' Vulnerability : SQL injection added Date : 07- dec -09 {{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" |[http://virtuemart.net/ latest version]
| |
| − | |-
| |
| − | |style="background:red; color:white" | ''' Kide Shoutbox'''
| |
| − | | |
| − | |Summary: The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not properly perform authentication, which allows remote attackers to post messages with an arbitrary account name via an insertar action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Added: December 08
| |
| − | |[[NIST:CVE-2009-4232 | CVE-2009-4232]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | ''' JoomPortfolio Component'''
| |
| − | |Summary: [http://www.joomplace.com/joomportfolio/joomportfolio.html JoomPortfolio] Input passed via the "secid" parameter to index.php (when "option" is set to "com_joomportfolio" and "task" is set to "showcat") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.The vulnerability is reported in version 1.0.0. Other versions may also be affected. Added: December 18 {{JVer|1.5}}
| |
| − | |[http://secunia.com/advisories/37838/ Reporting Site]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''City Portal (templates?)'''
| |
| − | |Summary: City Portal Blind SQL Injection Vulnerability added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference] Possibly this [http://www.youjoomla.com/jclick-city-portal-joomla-template.html tempate]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Event Manager'''
| |
| − | |Summary: [http://www.jforjoomla.com/Joomla-Components/event-manager-15-component.html Event Manager] Blind SQL Injection Vulnerability EDB-ID: 10549
| |
| − | added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | com_zcalendar
| |
| − | |Summary: com_zcalendar Blind SQL-injection Vulnerability
| |
| − | EDB-ID: 10548 added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_acmisc'''
| |
| − | |Summary: com_acmisc SQL injection added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''com_digistore'''
| |
| − | |Summary: com_digistore SQL injection EDB-ID: 10546 added: 2009-12-18 {{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.ijoomla.com/ijoomla-digistore/ijoomla-digistore/ijoomla-digistore-change-log/ Update change log] '''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_jbook'''
| |
| − | |Summary: com_jbook Blind SQL-injection EDB-ID: 10545 added: 2009-12-18 {{JVer|1.0}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_personel'''
| |
| − | |Summary: com_personel component for Joomla! is vulnerable to SQL injection.
| |
| − | |[http://xforce.iss.net/xforce/xfdb/54903 iss.net reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''JEEMA Article Collection'''
| |
| − | |Summary: [http://www.forum.jeema.net/component/content/article/4-jeema-article-collection-component/13-about-jeema-article-collection.html JEEMA Article Collection] Input passed via the "catid" parameter to index.php (when "option" is set to "com_jeemaarticlecollection" and "view" is set to "longlook") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. version 1.0.0.1 {{JVer|1.5}} added 22 dec 09
| |
| − | | [http://secunia.com/advisories/37865/ secunia]
| |
| − | |style="background:#cef2e0; color:white" | [http://www.jeema.net/downloads/free-joomla-extensions/joomla-components/12-jeema-joomla-article-collection.htm fixed the same in the version v102.]
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''HotBrackets Tournament Brackets '''
| |
| − | |Summary: The [http://extensions.joomla.org/extensions/sports-a-games/sports/10746 HotBrackets Tournament Brackets] component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. {{JVer|1.5}} added 22 dec
| |
| − | |[http://www.securityfocus.com/bid/37439/ Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Car Manager'''
| |
| − | |Summary: http://webformatique.com/ com_carman Cross Site Scripting Vulnerability added 24 december 09{{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" |'''Schools component'''
| |
| − | |Summary: The 'com_schools' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
| |
| − | |[http://www.securityfocus.com/bid/37469 Reference] added 24 dec 09
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''webcamxp'''
| |
| − | |[http://extensions.joomla.org/extensions/communication/video-conference/4490 com_webcamxp] Cross Site Scripting Vulnerabilities Last version 2008 {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''beeheard'''
| |
| − | |[http://extensions.joomla.org/extensions/contacts-and-feedback/testimonials-a-suggestions/10283 beeheard] Blind SQL injection Vulnerability {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://beeheard.cmstactics.com/change-log Version 1.4.2] 04 Jan'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''jm-recommend'''
| |
| − | |jm-recommendCross Site Scripting Vulnerabilities. unable to locate on jed. {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | facileforms
| |
| − | | com_facileforms Cross Site Scripting Vulnerabilities. unable to locate on jed. Product considered retired. {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''adagency'''
| |
| − | | [http://www.ijoomla.com/ijoomla-ad-agency/ijoomla-ad-agency/index/ adagency ]Vulnerabilities {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_intuit'''
| |
| − | |[http://www.san-diego-web-designer.com/new-file-download/item/root/aboutimage-igateway-for-joomla.html com_intuit]Local File Inclusion Vulnerability {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.securityfocus.com/bid/37494/discuss Retired]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''MemoryBook'''
| |
| − | |[http://extensions.joomla.org/extensions/calendars-a-events/birthdays-a-historic-events/10868 MemoryBook 1.2] Multiple Vulnerabilities. requires: magic quotes OFF, user account {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''qpersonel'''
| |
| − | |[http://extensions.joomla.org/extensions/directory-a-documentation/thematic-directory/7049 qpersonel ] Cross Site Scripting Vulnerabilities {{JVer|1.0}}[[Image:http://extensions.joomla.org/images/jed/compat_15_legacy.png]] Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''opryknings point'''
| |
| − | |com_oprykningspoint_mc Cross Site Scripting Vulnerabilities {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''trabalhe conosco'''
| |
| − | |com_trabalhe_conosco Cross Site Scripting Vulnerabilities {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''DhForum'''
| |
| − | |com_dhforum SQL Injection Vulnerability. considered retired/EOL Dec. 27 {{JVer|1.0}}1.5 legacy
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''com_morfeoshow'''
| |
| − | |[http://extensions.joomla.org/extensions/photos-a-images/photo-gallery-add-ons/9810 morfeoshow] this was a false report
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:black" | ''' false report'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Run Digital Download rd-download'''
| |
| − | |[http://extensions.joomla.org/extensions/directory-a-documentation/downloads/7838 RD Download] Local File Disclosure Vulnerability {{JVer|1.5}} Dec. 30 Version affected not disclosed.
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | [http://extensions.joomla.org/extensions/directory-a-documentation/downloads/7838 Version 0.9 relased]
| |
| − | |-
| |
| − | |
| |
| − | |
| |
| − | |
| |
| − | |
| |
| − | |}
| |
| − | == November 2009 Compiled Vulnerability Reports. RESOLVED ONLY ==
| |
| − |
| |
| − | | |
| − | Items are not in any particular order.
| |
| − | | |
| − | | |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_djcatalog'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the DJ-Catalog ('''com_djcatalog''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
| |
| − | Published: 10/11/2009
| |
| − | CVSS Severity: 6.8 (MEDIUM)
| |
| − | | [[NIST:CVE-2009-3661|CVE-2009-3661]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_soundset'''
| |
| − | | Summary: SQL injection vulnerability in the Soundset ('''com_soundset''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php.
| |
| − | Published: 10/09/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3644|CVE-2009-3644]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" |'''com_sportfusion'''
| |
| − | | Summary: SQL injection vulnerability in the Kinfusion SportFusion ('''com_sportfusion''') component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3491|CVE-2009-3491]]
| |
| − | | style="background:red; color:white" |'''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_icrmbasic'''
| |
| − | | Summary: A certain interface in the iCRM Basic ('''com_icrmbasic''') component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3481|CVE-2009-3481]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_mytube'''
| |
| − | | Summary: SQL injection vulnerability in the MyRemote Video Gallery ('''com_mytube''') component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3446|CVE-2009-3446]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | '''com_facebook'''
| |
| − | | Summary: SQL injection vulnerability in the JoomlaFacebook ('''com_facebook''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3438|CVE-2009-3438]]
| |
| − | | [http://extensions.joomla.org/extensions/4446/details JED entry.] [http://forge.joomla.org/gf/project/joomla-facebook/ Download site] Developer states reports not proven 24/07/10
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_tupinambis'''
| |
| − | | Summary: SQL injection vulnerability in the Tupinambis ('''com_tupinambis''') component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3434|CVE-2009-3434]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3368|CVE-2009-3368]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the ('''1''') h_id, ('''2''') id, and ('''3''') rid parameters to longDesc.php, and the h_id parameter to ('''4''') detail.php, ('''5''') detail1.php, ('''6''') detail2.php, ('''7''') detail3.php, ('''8''') detail4.php, ('''9''') detail5.php, ('''10''') detail6.php, ('''11''') detail7.php, and ('''12''') detail8.php, different vectors than [[NIST:CVE-2008-5865|CVE-2008-5865]], [[NIST:CVE-2008-5874|CVE-2008-5874]], and [[NIST:CVE-2008-5875|CVE-2008-5875]].
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3357|CVE-2009-3357]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''TurtuShout'''
| |
| − | | Summary: SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3335|CVE-2009-3335]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jinc'''
| |
| − | | Summary: SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component ('''aka JINC or com_jinc''') component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3334|CVE-2009-3334]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_surveymanager'''
| |
| − | | Summary: SQL injection vulnerability in the Focusplus Developments Survey Manager ('''com_surveymanager''') component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3325|CVE-2009-3325]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_album'''
| |
| − | | Summary: Directory traversal vulnerability in the Roland Breedveld Album ('''com_album''') component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. ('''dot dot''') in the target parameter to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3318|CVE-2009-3318]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''IXXO Cart Standalone'''
| |
| − | | Summary: SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
| |
| − | Published: 09/16/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3215|CVE-2009-3215]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_digifolio'''
| |
| − | | Summary: SQL injection vulnerability in the DigiFolio ('''com_digifolio''') component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php.
| |
| − | Published: 09/15/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3193|CVE-2009-3193]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_aclassf'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in '''gmap.php''' in the Almond Classifieds ('''com_aclassf''') component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
| |
| − | Published: 09/10/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3155|CVE-2009-3155]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jabode'''
| |
| − | | Summary: SQL injection vulnerability in Jabode horoscope extension ('''com_jabode''') for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
| |
| − | Published: 09/08/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | |
| − | | [[NIST:CVE-2008-7169|CVE-2008-7169]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_gameserver'''
| |
| − | | Summary: SQL injection vulnerability in the Game Server ('''com_gameserver''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3063|CVE-2009-3063]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_artportal'''
| |
| − | | Summary: SQL injection vulnerability in the Artetics.com Art Portal ('''com_artportal''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3054|CVE-2009-3054]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_simpleshop'''
| |
| − | | Summary: SQL injection vulnerability in the Simple Shop Galore ('''com_simpleshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than [[NIST:CVE-2008-2568|CVE-2008-2568]]. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
| |
| − | Published: 08/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-7033|CVE-2008-7033]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_groups'''
| |
| − | | Summary: SQL injection vulnerability in the Permis ('''com_groups''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 08/17/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-2789|CVE-2009-2789]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: SQL injection vulnerability in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6883|CVE-2008-6883]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6882|CVE-2008-6882]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to ('''1''') getChat.php, ('''2''') getChatRoom.php, and ('''3''') getSavedChatRooms.php.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6881|CVE-2008-6881]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jshop'''
| |
| − | | Summary: SQL injection vulnerability in the JShop ('''com_jshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php. | |
| − | Published: 11/02/2009
| |
| − | CVSS Severity: 7.5 '''(HIGH)'''
| |
| − | | [[NIST:CVE-2009-3835|CVE-2009-3835]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black"| '''EasyBook 2.0.0rc4'''
| |
| − | | Summary: The Joomla component '''EasyBook 2.0.0rc4''' suffers from multiple persistent XSS vulnerabilities. One seems fairly critical, while the others would take some incredible creativity to actively exploit. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/easybook-200rc4-multiple-xss-vulnerabilities.html Alert]
| |
| − | | style="background:#cef2e0; color:black"| '''
| |
| − | [http://www.kubik-rubik.de/joomla-hilfe/komponente-easybook-reloaded-joomla easybook reloaded released]
| |
| − | '''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''F!BB 1.5.96'''
| |
| − | | Summary: The Joomla component '''F!BB 1.5.96 RC''' suffers from multiple persistent XSS vulnerabilities, as well SQL Injection in its user search feature. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/fbb-1596-rc-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''Testimonial Ku 2.0 Admin Panel'''
| |
| − | | Summary: The Joomla component '''Testimonial Ku 2.0''' is vulnerable to persistent XSS in the administrator panel. A malicious user can submit a testimonial containing <script> tags with absolutely no quotes and inject that script into the administrator panel through any of the available inputs except "email". Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/testimonial-ku-20-admin-panel-persistent-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''MS Comment 0.8.0b'''
| |
| − | | Summary '''MS Comment 0.8.0b for Joomla''', a commenting plugin, suffers from an multiple vulnerabilities. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/ms-comment-080b-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''WebAmoeba Ticket System 3.0.0'''
| |
| − | | Summary: '''WebAmoeba Ticket System 3.0.0''', a Joomla help desk component. The vulnerability is with the BBCode library used to parse BBCode tags, as it does not strip javascript: urls from [url] tags. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/webamoeba-ticket-system-300-bbcode-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_siirler'''
| |
| − | | Summary: SQL injection vulnerability in the '''Q-Proje Siirler Bileseni (com_siirler)''' component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3972 | CVE-2009-3972]]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''jTips (com_jtips)'''
| |
| − | |SUmmary:SQL injection vulnerability in the '''jTips (com_jtips)''' component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3971 |CVE-2009-3971]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''JoomClip'''
| |
| − | |Summary: The '''JoomClip component for Joomla!''' is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php script using the cat parameter, which could allow the attacker to view, add, modify or delete information in the back-end database. Nov 18, 2009
| |
| − | |[http://secunia.com/advisories/37400/ secunia.com 37400/]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Mygallery Remote SQL Injection Vulnerability'''
| |
| − | |Summary: Joomla Component mygallery ( farbinform_krell) Remote SQL Injection Vulnerability Added 27 Nov 2009 {{JVer|1.5}} NB: This could be an error in our database as the only one we could find was for wordpress.If anyone know of one for joomla please let us know..(poss joomlicious.com CM)
| |
| − | |[http://www.exploit-db.com]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Extreme Google Calendar'''
| |
| − | |Summary: '''com_gcalendar 1.1.2''' (gcid) Remote SQL Injection Vulnerability
| |
| − | Remote SQL Injection were identified in Google Calendar Component [http://extensions.joomla.org/extensions/calendars-a-events/calendars/4188 Extension Link] Added 27 Nov 2009
| |
| − | |[http://www.exploit-db.com reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''LyftenBloggie'''
| |
| − | | Summary: [http://www.lyften.com/products/lyftenbloggie.html LyftenBloggie] Component "author" SQL Injection Vulnerability LyftenBloggie 1.x Added 27 Nov 2009
| |
| − | |[http://secunia.com/advisories/product/28005/ SA37499]
| |
| − | | [http://jeffchannell.com/Joomla/lyften-bloggie-sql-injection-fix.html Un official fix]. Developer fix not release at 30 Nov 09 ''' [http://www.lyften.com/products/lyftenbloggie/extensions/download/id-20.html 1.0.4a (last update on Dec 28, 2009)]'''
| |
| − | |}
| |
| − | | |
| − | == November 2009 Compiled Vulnerability Reports. ==
| |
| − |
| |
| − | | |
| − | Items are not in any particular order.
| |
| − | | |
| − | | |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_djcatalog'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the DJ-Catalog ('''com_djcatalog''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
| |
| − | Published: 10/11/2009
| |
| − | CVSS Severity: 6.8 (MEDIUM)
| |
| − | | [[NIST:CVE-2009-3661|CVE-2009-3661]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_soundset'''
| |
| − | | Summary: SQL injection vulnerability in the Soundset ('''com_soundset''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php.
| |
| − | Published: 10/09/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3644|CVE-2009-3644]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" |'''com_sportfusion'''
| |
| − | | Summary: SQL injection vulnerability in the Kinfusion SportFusion ('''com_sportfusion''') component 0.2.2 through 0.2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a teamdetail action to index.php.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3491|CVE-2009-3491]]
| |
| − | | style="background:red; color:white" |'''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_icrmbasic'''
| |
| − | | Summary: A certain interface in the iCRM Basic ('''com_icrmbasic''') component 1.4.2.31 for Joomla! does not require administrative authentication, which has unspecified impact and remote attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 09/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3481|CVE-2009-3481]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_mytube'''
| |
| − | | Summary: SQL injection vulnerability in the MyRemote Video Gallery ('''com_mytube''') component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3446|CVE-2009-3446]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | '''com_facebook'''
| |
| − | | Summary: SQL injection vulnerability in the JoomlaFacebook ('''com_facebook''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a student action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3438|CVE-2009-3438]]
| |
| − | | [http://extensions.joomla.org/extensions/4446/details JED entry.] [http://forge.joomla.org/gf/project/joomla-facebook/ Download site] Developer states reports not proven 24/07/10
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_tupinambis'''
| |
| − | | Summary: SQL injection vulnerability in the Tupinambis ('''com_tupinambis''') component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
| |
| − | Published: 09/28/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3434|CVE-2009-3434]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3368|CVE-2009-3368]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_hbssearch'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System ('''aka HBS or com_hbssearch''') component for Joomla! allow remote attackers to execute arbitrary SQL commands via the ('''1''') h_id, ('''2''') id, and ('''3''') rid parameters to longDesc.php, and the h_id parameter to ('''4''') detail.php, ('''5''') detail1.php, ('''6''') detail2.php, ('''7''') detail3.php, ('''8''') detail4.php, ('''9''') detail5.php, ('''10''') detail6.php, ('''11''') detail7.php, and ('''12''') detail8.php, different vectors than [[NIST:CVE-2008-5865|CVE-2008-5865]], [[NIST:CVE-2008-5874|CVE-2008-5874]], and [[NIST:CVE-2008-5875|CVE-2008-5875]].
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3357|CVE-2009-3357]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''TurtuShout'''
| |
| − | | Summary: SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field.
| |
| − | Published: 09/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3335|CVE-2009-3335]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jinc'''
| |
| − | | Summary: SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component ('''aka JINC or com_jinc''') component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3334|CVE-2009-3334]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_surveymanager'''
| |
| − | | Summary: SQL injection vulnerability in the Focusplus Developments Survey Manager ('''com_surveymanager''') component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3325|CVE-2009-3325]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_album'''
| |
| − | | Summary: Directory traversal vulnerability in the Roland Breedveld Album ('''com_album''') component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. ('''dot dot''') in the target parameter to index.php.
| |
| − | Published: 09/23/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3318|CVE-2009-3318]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''IXXO Cart Standalone'''
| |
| − | | Summary: SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
| |
| − | Published: 09/16/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3215|CVE-2009-3215]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_digifolio'''
| |
| − | | Summary: SQL injection vulnerability in the DigiFolio ('''com_digifolio''') component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php.
| |
| − | Published: 09/15/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3193|CVE-2009-3193]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_aclassf'''
| |
| − | | Summary: Cross-site scripting ('''XSS''') vulnerability in '''gmap.php''' in the Almond Classifieds ('''com_aclassf''') component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
| |
| − | Published: 09/10/2009
| |
| − | CVSS Severity: 4.3 ('''MEDIUM''')
| |
| − | | [[NIST:CVE-2009-3155|CVE-2009-3155]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jabode'''
| |
| − | | Summary: SQL injection vulnerability in Jabode horoscope extension ('''com_jabode''') for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
| |
| − | Published: 09/08/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | |
| − | | [[NIST:CVE-2008-7169|CVE-2008-7169]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_gameserver'''
| |
| − | | Summary: SQL injection vulnerability in the Game Server ('''com_gameserver''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3063|CVE-2009-3063]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_artportal'''
| |
| − | | Summary: SQL injection vulnerability in the Artetics.com Art Portal ('''com_artportal''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
| |
| − | Published: 09/03/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-3054|CVE-2009-3054]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_simpleshop'''
| |
| − | | Summary: SQL injection vulnerability in the Simple Shop Galore ('''com_simpleshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than [[NIST:CVE-2008-2568|CVE-2008-2568]]. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
| |
| − | Published: 08/24/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-7033|CVE-2008-7033]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_groups'''
| |
| − | | Summary: SQL injection vulnerability in the Permis ('''com_groups''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a list action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 08/17/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2009-2789|CVE-2009-2789]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: SQL injection vulnerability in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6883|CVE-2008-6883]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Live Chat ('''com_livechat''') component 1.0 for Joomla! allows remote attackers to use the xmlhttp.php script as an open HTTP proxy to hide network scanning activities or scan internal networks via a GET request with a full URL in the query string.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6882|CVE-2008-6882]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_livechat'''
| |
| − | | Summary: Multiple SQL injection vulnerabilities in the Live Chat ('''com_livechat''') component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the last parameter to ('''1''') getChat.php, ('''2''') getChatRoom.php, and ('''3''') getSavedChatRooms.php.
| |
| − | Published: 07/30/2009
| |
| − | CVSS Severity: 7.5 ('''HIGH''')
| |
| − | | [[NIST:CVE-2008-6881|CVE-2008-6881]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_jshop'''
| |
| − | | Summary: SQL injection vulnerability in the JShop ('''com_jshop''') component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php.
| |
| − | Published: 11/02/2009
| |
| − | CVSS Severity: 7.5 '''(HIGH)'''
| |
| − | | [[NIST:CVE-2009-3835|CVE-2009-3835]]
| |
| − | | style="background:red; color:white" | '''Not Known'''
| |
| − | |-
| |
| − | | style="background:#cef2e0; color:black"| '''EasyBook 2.0.0rc4'''
| |
| − | | Summary: The Joomla component '''EasyBook 2.0.0rc4''' suffers from multiple persistent XSS vulnerabilities. One seems fairly critical, while the others would take some incredible creativity to actively exploit. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/easybook-200rc4-multiple-xss-vulnerabilities.html Alert]
| |
| − | | style="background:#cef2e0; color:black"| '''
| |
| − | [http://www.kubik-rubik.de/joomla-hilfe/komponente-easybook-reloaded-joomla easybook reloaded released]
| |
| − | '''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''F!BB 1.5.96'''
| |
| − | | Summary: The Joomla component '''F!BB 1.5.96 RC''' suffers from multiple persistent XSS vulnerabilities, as well SQL Injection in its user search feature. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/fbb-1596-rc-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''Testimonial Ku 2.0 Admin Panel'''
| |
| − | | Summary: The Joomla component '''Testimonial Ku 2.0''' is vulnerable to persistent XSS in the administrator panel. A malicious user can submit a testimonial containing <script> tags with absolutely no quotes and inject that script into the administrator panel through any of the available inputs except "email". Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/testimonial-ku-20-admin-panel-persistent-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''MS Comment 0.8.0b'''
| |
| − | | Summary '''MS Comment 0.8.0b for Joomla''', a commenting plugin, suffers from an multiple vulnerabilities. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/ms-comment-080b-multiple-vulnerabilities.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''WebAmoeba Ticket System 3.0.0'''
| |
| − | | Summary: '''WebAmoeba Ticket System 3.0.0''', a Joomla help desk component. The vulnerability is with the BBCode library used to parse BBCode tags, as it does not strip javascript: urls from [url] tags. Added November 2009
| |
| − | | [http://jeffchannell.com/Joomla/webamoeba-ticket-system-300-bbcode-xss.html Alert]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''com_siirler'''
| |
| − | | Summary: SQL injection vulnerability in the '''Q-Proje Siirler Bileseni (com_siirler)''' component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3972 | CVE-2009-3972]]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''jTips (com_jtips)'''
| |
| − | |SUmmary:SQL injection vulnerability in the '''jTips (com_jtips)''' component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php. Added 18 November 2009
| |
| − | | [[NIST:CVE-2009-3971 |CVE-2009-3971]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''JoomClip'''
| |
| − | |Summary: The '''JoomClip component for Joomla!''' is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php script using the cat parameter, which could allow the attacker to view, add, modify or delete information in the back-end database. Nov 18, 2009
| |
| − | |[http://secunia.com/advisories/37400/ secunia.com 37400/]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Mygallery Remote SQL Injection Vulnerability'''
| |
| − | |Summary: Joomla Component mygallery ( farbinform_krell) Remote SQL Injection Vulnerability Added 27 Nov 2009 {{JVer|1.5}} NB: This could be an error in our database as the only one we could find was for wordpress.If anyone know of one for joomla please let us know..(poss joomlicious.com CM)
| |
| − | |[http://www.exploit-db.com]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Extreme Google Calendar'''
| |
| − | |Summary: '''com_gcalendar 1.1.2''' (gcid) Remote SQL Injection Vulnerability
| |
| − | Remote SQL Injection were identified in Google Calendar Component [http://extensions.joomla.org/extensions/calendars-a-events/calendars/4188 Extension Link] Added 27 Nov 2009
| |
| − | |[http://www.exploit-db.com reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''LyftenBloggie'''
| |
| − | | Summary: [http://www.lyften.com/products/lyftenbloggie.html LyftenBloggie] Component "author" SQL Injection Vulnerability LyftenBloggie 1.x Added 27 Nov 2009
| |
| − | |[http://secunia.com/advisories/product/28005/ SA37499]
| |
| − | | [http://jeffchannell.com/Joomla/lyften-bloggie-sql-injection-fix.html Un official fix]. Developer fix not release at 30 Nov 09 ''' [http://www.lyften.com/products/lyftenbloggie/extensions/download/id-20.html 1.0.4a (last update on Dec 28, 2009)]'''
| |
| − | |}
| |
| − | | |
| − | ----
| |
| − | | |
| − | == December 2009 Compiled Reports ==
| |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Omilen Photo Gallery'''
| |
| − | |Summary: Directory traversal vulnerability in the [http://extensions.joomla.org/extensions/photos-&-images/photo-flash-gallery/6373/details Omilen Photo Gallery] (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
| |
| − | Published: 12/04/2009
| |
| − | |[[NIST:CVE-2009-4202 | CVE-2009-4202]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Seminar'''
| |
| − | |Summary: SQL injection vulnerability in the [http://seminar.vollmar.ws/ Seminar] (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
| |
| − | Published: 12/04/2009
| |
| − | |[[NIST:CVE-2009-4200 | CVE-2009-4200]]
| |
| − | |style="background:#cef2e0; color:black" | ''' released V1.29, released'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''ProofReader'''
| |
| − | |Summary: Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. Published: 12/02/2009 CVSS Severity: 4.3 (MEDIUM)
| |
| − | | [[NIST:CVE-2009-4157 | CVE-2009-4157]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''D4J eZine'''
| |
| − | |Summary: PHP remote file inclusion vulnerability in class/php/d4m_ajax_pagenav.php in the D4J eZine (com_ezine) component 2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS mosConfig_absolute_path parameter. Published: 11/29/2009 CVSS Severity: 7.5 (HIGH)
| |
| − | |[[NIST:CVE-2009-4094 | CVE-2009-4094]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''Quick News'''
| |
| − | | Summary: The Joomla [http://joomlacode.org/gf/project/quicknews/ Quick News component] suffers from a remote SQL injection vulnerability. added 1st Dec 09
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''mojoblog'''
| |
| − | |Summary [http://www.joomlify.com/files/mojoblog/ MojoBlog] Multiple Remote File Include Vulnerability added 1st Dec 09 {{JVer|1.5}}
| |
| − | |[http://securityreason.com/exploitalert/7509 7509]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''TP Whois'''
| |
| − | |summary: [http://www.templateplazza.com/view-details/tpwhois/183-component-tp-whois-for-joomla-1.5.x.html TP Whois ] Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account. Added 3 december {{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Refrence]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_job'''
| |
| − | |Summary: Component com_job ( showMoreUse) SQL injection vulnerability Added 9th Dec
| |
| − | |[http://xforce.iss.net/xforce/xfdb/54626 Reference]
| |
| − | | style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Mamboleto Component 2.0 RC3'''
| |
| − | |Summary: [http://www.fernandosoares.com.br/index.php?option=com_docman&task=cat_view&gid=28&Itemid=28 Mamboleto Component 2.0 RC3]SQL injection vulnerability {{JVer|1.5}} added 12 December
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | ''' Kide Shoutbox'''
| |
| − | |Summary: The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not properly perform authentication, which allows remote attackers to post messages with an arbitrary account name via an insertar action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Added: December 08
| |
| − | |[[NIST:CVE-2009-4232 | CVE-2009-4232]]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | ''' JoomPortfolio Component'''
| |
| − | |Summary: [http://www.joomplace.com/joomportfolio/joomportfolio.html JoomPortfolio] Input passed via the "secid" parameter to index.php (when "option" is set to "com_joomportfolio" and "task" is set to "showcat") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.The vulnerability is reported in version 1.0.0. Other versions may also be affected. Added: December 18 {{JVer|1.5}}
| |
| − | |[http://secunia.com/advisories/37838/ Reporting Site]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''City Portal (templates?)'''
| |
| − | |Summary: City Portal Blind SQL Injection Vulnerability added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference] Possibly this [http://www.youjoomla.com/jclick-city-portal-joomla-template.html tempate]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Event Manager'''
| |
| − | |Summary: [http://www.jforjoomla.com/Joomla-Components/event-manager-15-component.html Event Manager] Blind SQL Injection Vulnerability EDB-ID: 10549
| |
| − | added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | com_zcalendar
| |
| − | |Summary: com_zcalendar Blind SQL-injection Vulnerability
| |
| − | EDB-ID: 10548 added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_acmisc'''
| |
| − | |Summary: com_acmisc SQL injection added: 2009-12-18
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_jbook'''
| |
| − | |Summary: com_jbook Blind SQL-injection EDB-ID: 10545 added: 2009-12-18 {{JVer|1.0}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_personel'''
| |
| − | |Summary: com_personel component for Joomla! is vulnerable to SQL injection.
| |
| − | |[http://xforce.iss.net/xforce/xfdb/54903 iss.net reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''HotBrackets Tournament Brackets '''
| |
| − | |Summary: The [http://extensions.joomla.org/extensions/sports-a-games/sports/10746 HotBrackets Tournament Brackets] component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. {{JVer|1.5}} added 22 dec
| |
| − | |[http://www.securityfocus.com/bid/37439/ Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Car Manager'''
| |
| − | |Summary: http://webformatique.com/ com_carman Cross Site Scripting Vulnerability added 24 december 09{{JVer|1.5}}
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" |'''Schools component'''
| |
| − | |Summary: The 'com_schools' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
| |
| − | |[http://www.securityfocus.com/bid/37469 Reference] added 24 dec 09
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''webcamxp'''
| |
| − | |[http://extensions.joomla.org/extensions/communication/video-conference/4490 com_webcamxp] Cross Site Scripting Vulnerabilities Last version 2008 {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''jm-recommend'''
| |
| − | |jm-recommendCross Site Scripting Vulnerabilities. unable to locate on jed. {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | facileforms
| |
| − | | com_facileforms Cross Site Scripting Vulnerabilities. unable to locate on jed. Product considered retired. {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''adagency'''
| |
| − | | [http://www.ijoomla.com/ijoomla-ad-agency/ijoomla-ad-agency/index/ adagency ]Vulnerabilities {{JVer|1.5}} Dec 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''com_intuit'''
| |
| − | |[http://www.san-diego-web-designer.com/new-file-download/item/root/aboutimage-igateway-for-joomla.html com_intuit]Local File Inclusion Vulnerability {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.securityfocus.com/bid/37494/discuss Retired]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''MemoryBook'''
| |
| − | |[http://extensions.joomla.org/extensions/calendars-a-events/birthdays-a-historic-events/10868 MemoryBook 1.2] Multiple Vulnerabilities. requires: magic quotes OFF, user account {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''qpersonel'''
| |
| − | |[http://extensions.joomla.org/extensions/directory-a-documentation/thematic-directory/7049 qpersonel ] Cross Site Scripting Vulnerabilities {{JVer|1.0}}[[Image:http://extensions.joomla.org/images/jed/compat_15_legacy.png]] Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''opryknings point'''
| |
| − | |com_oprykningspoint_mc Cross Site Scripting Vulnerabilities {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''trabalhe conosco'''
| |
| − | |com_trabalhe_conosco Cross Site Scripting Vulnerabilities {{JVer|1.5}} Dec. 27
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''DhForum'''
| |
| − | |com_dhforum SQL Injection Vulnerability. considered retired/EOL Dec. 27 {{JVer|1.0}}1.5 legacy
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |}
| |
| − | | |
| − | ----
| |
| − | | |
| − | == January 2010 Reported Vulnerable Extensions ==
| |
| − | | |
| − | | |
| − | '''Please check with the extension publisher in case of any questions over the security of their product.'''
| |
| − | Report Vulnerable extensions either in the [[jforum:432]] security topic or the [http://forum.joomla.org/viewforum.php?f=470 extensions] topic clearly marked with the first word in the title being ''Vulnerable'' where the security moderators or JSST team will respond.
| |
| − | ''This list is change protected, for updates or editing requests [http://forum.joomla.org/memberlist.php?mode=viewprofile&u=28000 Mandville] or [http://forum.joomla.org/memberlist.php?mode=viewprofile&u=87230 lafrance]
| |
| − | ''
| |
| − | | |
| − | [http://docs.joomla.org/Vulnerable_Extensions_List Back To Top]
| |
| − | | |
| − | | |
| − | | |
| − | {| class="wikitable sortable" border="1"
| |
| − | |-
| |
| − | ! '''Extension'''
| |
| − | ! class="unsortable"| '''Details'''
| |
| − | ! '''Reference Link'''
| |
| − | ! '''Extension Update Link'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |JvideoDirect
| |
| − | |Summary: [http://extensions.joomla.org/extensions/multimedia/video-players-a-gallery/9501 Jvideodirect] SQLi Jan 29
| |
| − | |
| |
| − | |[http://www.jvideodirect.com/ Update version 2.5]
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''JEvent search plugin'''
| |
| − | |Summary: JEvent search plugin for [http://extensions.joomla.org/extensions/calendars-a-events/events/95 JEvent] SQLi reported Jan 29
| |
| − | |
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.jevents.net/forum/viewtopic.php?f=17&t=3910#p15526 upgrade to 1.5.3b]'''
| |
| − | |
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Kunena'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/communication/forum/7256/details kunena] re reported suffering SQLi in version 1.5.9 Jan 29 Confirmation Required '''Now found to be malicious'''
| |
| − | |
| |
| − | |style="background:#cef2e0; color:black" | ''' [http://www.kunena.com/blog/19-developer-blog/51-kunena-157-security-release-now-available Versions 1.5.5 and below only]'''
| |
| − | |
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''JE Quiz'''
| |
| − | |Summary : http://extensions.joomla.org/extensions/contacts-and-feedback/quiz-a-surveys/11212 JeQuiz SQLi reported 29 Jan
| |
| − | |
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black"" |'''idoblog'''
| |
| − | |summary: exploitable due to open file permissions. 28 Jan
| |
| − | |Private Notification
| |
| − | |style="background:#cef2e0; color:black" | ''' [http://idojoomla.com/news.html build 35 released] '''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''ccnewsletter'''
| |
| − | |Summary [http://extensions.joomla.org/extensions/5112/details ccnewsletter Directory Traversal Vulnerability] Jan 28
| |
| − | |Private Notification
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html version 1.0.6 released 29 Jan]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:white" |'''Virtuemart 1.1.4'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/e-commerce/shopping-cart/129 virtuemart] Input var order_status_id is vulnerable to SQLi NB Requires Higher Level access before exploiting. Jan 27
| |
| − | |
| |
| − | |style="background:#cef2e0; color:black" | ''' [http://forum.joomla.org/viewtopic.php?p=2027005#p2027005 developer patches]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''JBDiary'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/calendars-a-events/events/11009 JBDiary] BLIND SQL Injection Vulnerabilities Jan 24 [http://www.jb-soft.nl/ http://www.jb-soft.nl/]
| |
| − | |
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.jb-soft.nl/index.php?option=com_content&view=article&id=64 Developer Update 27 Jan]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''JbPublishDownFp'''
| |
| − | |Sumary: [http://extensions.joomla.org/extensions/news-production/timed-content/6496 JbPublishDownFp] SQL Injection Vulnerability Jan 24 [http://www.jb-soft.nl http://www.jb-soft.nl]
| |
| − | |
| |
| − | |style="background:#cef2e0; color:white" |''' [http://www.jb-soft.nl/index.php?option=com_content&view=article&id=64 Developer Update Jan 27]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''com_casino'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/sports-a-games/tips-a-betts com_casino]
| |
| − | SQL Injection Vulnerabilities Jan24
| |
| − | |
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''Mochigames'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/search/mochigames com_Mochigames]
| |
| − | SQL Injection Vulnerabilities Jan24
| |
| − | |
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.yoflash.com/download.html mochigames_alpha052 Released]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''ContentBlogList'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/news-production/blog/10989 com_ContentBlogList] SQL Injection Vulnerability Jan 23
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |MailChimp for Joomla 1.5
| |
| − | |Summary: [http://extensions.joomla.org/extensions/bridges/mailing-a-newsletter-bridges/7836 MailChimp for Joomla 1.5] jan 17
| |
| − | |Developer Statement
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''JoomlaXML'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/tools/design-tools/5020 JoomlaXML] malicious code insertion
| |
| − | |
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | | style="background:red; color:white" | '''JVClouds3D SWF module'''
| |
| − | |[http://joomlapro.ru/3djvclouds JVClouds3D SWF module] Cross Site Scripting . jan 14
| |
| − | |[http://xforce.iss.net/xforce/xfdb/55535 xforce]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''JVClouds3D'''
| |
| − | |[http://joomlapro.ru/3djvclouds JVClouds3D module] Cross Site Scripting . jan 14
| |
| − | |[http://xforce.iss.net/xforce/xfdb/55534 xforce]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''JA Showcase'''
| |
| − | |[http://www.joomlart.com/addons/components_and_modules/ja_showcase.html JA Showcase component] Directory Traversal jan 14
| |
| − | |[http://xforce.iss.net/xforce/xfdb/55512 xforce]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''jprojects'''
| |
| − | |Summary: Unknown Author com_j-projects Blind SQL Injection Vulnerability. Jan 10 detail update
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''jEmbed-Embed Anything'''
| |
| − | |[http://www.joshprakash.com/index.php?option=com_docman&task=doc_details&gid=70 jEmbed-Embed Anything] A vulnerability has been discovered in the jEmbed-Embed Anything component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Jan 10
| |
| − | |[http://secunia.com/advisories/38112 Secunia Advisory: SA38112]
| |
| − | |style="background:red; color:white" | [http://extensions.joomla.org/extensions/3699/details Product considered retired]
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" |'''perchagallery '''
| |
| − | |Summary: perchagallery [http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10350 com_perchagallery] SQL Injection Vulnerability Jan 7
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.percha.com/index.php?option=com_phocadownload&view=file&id=22:1.5&Itemid=20 Developer Update 1.5b]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''CARTwebERP'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/bridges/e-commerce-bridges/8753 CARTwebERP] Local File Inclusion Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://extensions.joomla.org/extensions/bridges/e-commerce-bridges/8753 1.56.76 (last update on Jan 11, 2010)]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''JoomlaBibleStudy'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/miscellaneous/religion/3461 JoomlaBibleStudy] LFI Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | '''[http://joomlabiblestudy.org/invisible-downloads/category/3-component.html Developer reported update]'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''com_bfsurvey_basic and pro'''
| |
| − | |Summary: [http://www.tamlyncreative.com.au/software/ BFsurvey] SQL Injection Vulnerability ,LFI Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.tamlyncreative.com.au/software/forum/index.php?topic=641.0 Developer Update announcement]'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Alfresco'''
| |
| − | |Summary: SQL Injection Vulnerability. Not believed to be Joomlatools extension Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''abbrev'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/directory-a-documentation/glossary-a-dictionary/4965 abbrev] Local File Inclusion Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''countries'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/miscellaneous/development/6553 countries] SQL Injection Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Dedicated Component com_tpjobs'''
| |
| − | |Summary: [http://www.templateplazza.com/ tpjobs] SQL Injection Vulnerability unable to locate files probably template plaza Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:#cef2e0; color:white" | ''' [http://www.templateplazza.com/extensions-updates/tpjobs-component-update-v-1.1.html Developer Update] '''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Component com_doqment'''
| |
| − | |SQL Injection Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''Component com_otzivi'''
| |
| − | |Blind SQL Injection Vulnerability Jan. 3
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''aprice'''
| |
| − | |Summary: [http://adeptweb.info/component/option,com_aprice/Itemid,109/ com_aprice] Component 'analog' Parameter SQL Injection Vulnerability
| |
| − | |[http://www.securityfocus.com/bid/37575 Report]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:red; color:white" |'''cartikads'''
| |
| − | |Summary: [http://www.cartikahosting.com com_cartikads] Remote File Upload Vulnerability
| |
| − | '''Mambo''' Open Source ads management component
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''Docman seller'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/e-commerce/subscriptions/5000 Document seller] Input passed via the "id" parameter to index.php (when "option" is set to "com_dm_orders", "task" is set to "order_form", and "payment_method" is set to "Paypal") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
| |
| − | |[http://secunia.com/advisories/38024/ secunia]
| |
| − | |style="background:#cef2e0; color:white" | [http://extensions.joomla.org/extensions/e-commerce/subscriptions/5000 Updated 10th Jan]
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''ozio gallery'''
| |
| − | |summary: [http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883 Ozio Gallery2] SQLi eploit
| |
| − | |[http://www.viruslist.com/en/advisories/37974 Reference]
| |
| − | |style="background:#cef2e0; color:white" |[http://oziogallery.joomla.it/index.php?option=com_content&view=article&id=62%3Anuova-ozio-gallery-23-aggiornamento-di-sicurezza&catid=2%3Anotizie&Itemid=13&lang=en developer update Jan 11]
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''RD-Autos Free'''
| |
| − | |[http://extensions.joomla.org/extensions/vertical-markets/vehicles/5458 RD-Autos Free ] This version is now commercial not free
| |
| − | |Private advisory to JED Jan 11
| |
| − | |style="background:red; color:white" | ''' Product Retired and replaced'''
| |
| − | |-
| |
| − | |style="background:red; color:white" | '''DailyMeals'''
| |
| − | |Summary: [http://extensions.joomla.org/extensions/vertical-markets/food-a-beverage/4764 dailymeals] Local File Inclusion Vulnerability Jan 02
| |
| − | |[http://www.exploit-db.com Reference]
| |
| − | |style="background:red; color:white" | ''' Not Known'''
| |
| − | |-
| |
| − | |style="background:#cef2e0; color:black" | '''RD-Autos Pro'''
| |
| − | |[http://extensions.joomla.org/extensions/vertical-markets/vehicles/6357 RD Autos Pro]
| |
| − | |Private advisory to JED Jan 11
| |
| − | |style="background:#cef2e0; color:black" | ''' Upgrade to Latest version be 2.0.2'''
| |
| − | |-
| |
| − | |
| |
| − | |
| |
| − | |
| |
| − | |
| |
| − | |}
| |
| − | | |
| − | ----
| |
| − | [[Category:Security]]
| |
