Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-1 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by oCERT. Contact The JSST at the Joomla! Security Center .
Read the original:
[20100704] – Core – XSS Vulnerabillitis in Back End
Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-8 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by José Antonio Vázquez González Contact The JSST at the Joomla! Security Center .
Project: Joomla! SubProject: All Severity: Medium Versions: 1.5.18 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-June-8 Fixed Date: 2010-July-15 Description Back-end user can inject Javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by José Antonio Vázquez González Contact The JSST at the Joomla! Security Center .
More here:
[20100702] – Core – XSS Vulnerabillitis in Back End
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.18 and all previous 1.5 releases Exploit type: Internal Path Exposure Reported Date: 2010-June-10 Fixed Date: 2010-July-15 Description Back-end user can create MySQL error which shows internal path information in the error message. Affected Installs All 1.5.x installs prior to and including 1.5.18 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by Andy Gorges Contact The JSST at the Joomla! Security Center .
Go here to see the original:
[20100701] – Core – SQL Injection / Internal Path Exposure
Project: Joomla! SubProject: All Severity: High Versions: 1.5.17 and all previous 1.5 releases Exploit type: XSS Injection Reported Date: 2010-May-13 Fixed Date: 2010-May-28 Description Back-end user can inject javascript in various administrator screens. Affected Installs All 1.5.x installs prior to and including 1.5.17 are affected. Solution Upgrade to the latest Joomla! version (1.5.18 or later) Reported by Riyaz Ahemed Contact The JSST at the Joomla! Security Center .
Here is the original:
[20100501] – Core – XSS Vulnerabilities in Back End
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.5.15 and all previous 1.5 releases Exploit type: information Disclosure Reported Date: 2010-Feb-21 Fixed Date: 2010-Apr-23 Description If a user entered a URL with a negative query limit or offset, a PHP notice would display revealing information about the system. Affected Installs All 1.5.x installs prior to and including 1.5.15 are affected. Solution Upgrade to the latest Joomla! version (1.5.16 or later) Reported by Security List Contact The JSST at the Joomla! Security Center .
The rest is here:
[20100423] – Core – Negative Values for Limit and Offset
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.15 and all previous 1.5 releases Exploit type: Code upload Reported Date: 2009-Dec-30 Fixed Date: 2010-Apr-23 Description The migration script in the Joomla! installer does not check the file type being uploaded. If the installation application is present, an attacker could use it to upload malicious files to a server. Affected Installs All 1.5.x installs prior to and including 1.5.15 are affected. Solution Upgrade to the latest Joomla! version (1.5.16 or later) Reported by Nicola Bettini Contact The JSST at the Joomla! Security Center .
Read the rest here:
[20100423] – Core – Installer Migration Script
Project: Joomla! SubProject: All Severity: Moderate Versions: 1.5.15 and all previous 1.5 releases Exploit type: Session fixation Reported Date: 2010-Mar-25 Fixed Date: 2010-Apr-23 Description Session id doesn’t get modified when user logs in. A remote site may be able to forward a visitor to the Joomla! site and set a specific cookie. If the user then logs in, the remote site can use that cookie to authenticate as that user. Affected Installs All 1.5.x installs prior to and including 1.5.15 are affected. Solution Upgrade to the latest Joomla! version (1.5.16 or later) Reported by Raúl Siles and Steven Pignataro Contact The JSST at the Joomla! Security Center . [20100423] – Core – Password Reset Tokens
Read more:
[20100423] – Core – Sessation Fixation
Project: Joomla! SubProject: All Severity: Low Versions: 1.5.15 and all previous 1.5 releases Exploit type: Unauthorised Access Reported Date: 2010-Jan-07 Fixed Date: 2010-Apr-23 Description When a user requests a password reset, the reset tokens were stored in plain text in the database. While this is not a vulnerability in itself, it allows user accounts to be compromised if there is an extension on the site with an SQL injection vulnerability. Affected Installs All 1.5.x installs prior to and including 1.5.15 are affected. Solution Upgrade to the latest Joomla! version (1.5.16 or later) Reported by Madis Abel Contact The JSST at the Joomla! Security Center .
Read the original:
[20100423] – Core – Password Reset Tokens
Project: Joomla! SubProject: com_content Severity: Moderate Versions: 1.5.14 and all previous 1.5 releases Exploit type: Front-End Editing Reported Date: 2009-September-05 Fixed Date: 2009-November-03 Description When logged into the front end with Author access, it was possible to replace an article written by another user. Affected Installs All 1.5.x installs prior to and including 1.5.14 are affected. Solution Upgrade to latest Joomla! version (1.5.15 or newer). Reported by Hannes Papenberg Contact The JSST at the Joomla! Security Center .
Read more from the original source:
[20091103] – Core – Front-End Editor Issue