Updated Noah Classifieds Component for Joomla!/Mambo fixes vulnerabilities
Problem:
Several vulnerabilities were recently discovered in Noah Classifieds 1.3 which also affect the Joomla!/Mambo component. Details on the vulnerabilities are available at http://www.kapda.ir/advisory-268.html
The exploits included - Sql Injection, XSS, Local file inclusion, Remote code execution.
Solution: Upgrade to version 1.0 Beta 3. This fixes all known vulnerabilities. 1.0 Beta 3 can be found on JoomlaForge - http://forge.joomla.org/sf/frs/do/viewRelease/projects.noah/frs.noah_1_0
_beta_1.beta_3
If you want to report vulnerabilities discovered in the Noah Classifieds component for Joomla!/Mambo, please contact
noahsec1-(at)-davidmckinnisconsulting.com. We would also appreciate advanced notice of any vulnerabilities discovered in Noah Classifieds to see if they also affect the Joomla!/Mambo component.
Problem:
Several vulnerabilities were recently discovered in Noah Classifieds 1.3 which also affect the Joomla!/Mambo component. Details on the vulnerabilities are available at http://www.kapda.ir/advisory-268.html
The exploits included - Sql Injection, XSS, Local file inclusion, Remote code execution.
Versions affected ? Joomla!/Mambo Noah Classifieds Component <= 1.0 Beta 2.
Solution: Upgrade to version 1.0 Beta 3. This fixes all known vulnerabilities. 1.0 Beta 3 can be found on JoomlaForge - http://forge.joomla.org/sf/frs/do/viewRelease/projects.noah/frs.noah_1_0
_beta_1.beta_3
If you want to report vulnerabilities discovered in the Noah Classifieds component for Joomla!/Mambo, please contact
noahsec1-(at)-davidmckinnisconsulting.com. We would also appreciate advanced notice of any vulnerabilities discovered in Noah Classifieds to see if they also affect the Joomla!/Mambo component.
david mckinnis
[ reply ]