[Medium Alert] Joomla Ext. JMS File Sellers

	Welcome, Guest. Please login or register. Did you miss your activation email? Login with username, password and session length	May 24, 2012, 09:24:13 AM

Web Hosting Forum | Lunarpages > Advanced Lunarpages Assistance > Lunarpages Security Center > Topic: [Medium Alert] Joomla Ext. JMS File Sellers - LFI Vulnerability

Pages: [1] Go Down

« previous next »

Author

Topic: [Medium Alert] Joomla Ext. JMS File Sellers - LFI Vulnerability (Read 1705 times)

Dragos

Administrator
Spacescooter Operator

Offline

Posts: 30

[Medium Alert] Joomla Ext. JMS File Sellers - LFI Vulnerability

« on: May 31, 2011, 10:09:13 AM »

Executive Summary: The Joomla Ext. com_jmsfileseller has been discovered to be vulnerable to a Local File Inclusion vulnerability. The affected version is 1.0.

Technical Details: Input passed via "VIEW" Parameter is not sanitized.

Recommendations: contact the developer and obtain an updated version or discontinue use. Alternatively you can edit the source code to fix the issue.


	Logged

--
Dragos Gabriel Fedorovici
JSA Supervisor - System Administrator Team
Add2Net Inc., LunarPages Division

Pages: [1] Go Up

« previous next »

Jump to:

Share |

Powered by SMF 1.1.14 | SMF © 2006-2011, Simple Machines LLC
Lunarpages Web Hosting | Website Templates | Blog Hosting

Loading...