Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17933
HistorySep 04, 2007 - 12:00 a.m.

Multiple vulnerabilities in Joomla 1.5 RC 1

2007-09-0400:00:00
vulners.com
18

Hi,
There are several security bugs in Joomla 1.5 RC 1 :
1) An exploitable sql injection in the archive section . I sent the exploit
to the joomla developer, but here I am not going to publish it :)
2) A XSS bug, again in the archive section .
3) Several full path disclosure bugs . Direct access to many …/tmpl/…php
files, will expose the full installation path .
Joomla has released a new version (Joomla 1.5 RC 2) .

  • Omid