forex trading logo

 

Categories on 1 level

This module can not work without the Hikashop Component

Categories on 2 levels

This module can not work without the Hikashop Component

Feed Display

Nebylo zadáno URL RSS kanálu.

VirtueMart Module


List All Products

Advanced Search
Show Cart
Your Cart is currently empty.
Home News Feeds Joomla! Security News
Newsfeeds
Security Announcements


  • [20210402] - Core - Inadequate filters on module layout settings
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0 - 3.9.25
    • Exploit type: LFI
    • Reported Date: 2021-01-03
    • Fixed Date: 2021-04-13
    • CVE Number: CVE-2021-26031

    Description

    Inadequate filters on module layout settings could lead to an LFI.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.25

    Solution

    Upgrade to version 3.9.26

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Lee Thao from Viettel Cyber Security


  • [20210401] - Core - Escape xss in logo parameter error pages
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.0.0 - 3.9.25
    • Exploit type: XSS
    • Reported Date: 2021-03-09
    • Fixed Date: 2021-04-13
    • CVE Number: CVE-2021-26030

    Description

    Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.25

    Solution

    Upgrade to version 3.9.26

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: HOANG NGUYEN


  • [20210307] - Core - ACL violation within com_content frontend editing
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 3.0.0 - 3.9.24
    • Exploit type: ACL violation
    • Reported Date: 2020-10-25
    • Fixed Date: 2021-03-02
    • CVE Number: CVE-2021-26027

    Description

    Incorrect ACL checks could allow unauthorized change of the category for an article.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.24

    Solution

    Upgrade to version 3.9.25

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Brian Teeman, George Wilson (JSST), David Jardin (JSST)


  • [20210306] - Core - com_media allowed paths that are not intended for image uploads
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 3.0.0 - 3.9.24
    • Exploit type: Improper Input Validation
    • Reported Date: 2020-02-17
    • Fixed Date: 2021-03-02
    • CVE Number: CVE-2021-23132

    Description

    com_media allowed paths that are not intended for image uploads.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.24

    Solution

    Upgrade to version 3.9.25

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hoang Kien from VSEC


  • [20210305] - Core - Input validation within the template manager
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.2.0 - 3.9.24
    • Exploit type: Improper Input Validation
    • Reported Date: 2020-05-07
    • Fixed Date: 2021-03-02
    • CVE Number: CVE-2021-23131

    Description

    Missing input validation within the template manager.

    Affected Installs

    Joomla! CMS versions 3.2.0 - 3.9.24

    Solution

    Upgrade to version 3.9.25

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Bui Duc Anh Khoa from Viettel Cyber Security


Založeno na Joomla!. Designed by: Free Joomla 1.5 Theme NTC hosting Valid XHTML and CSS.