
Dominion Vulnerability on Lang Variable- Blind SQL injection

    • CTPIS
    • Newbie
    • Posts: 9
    • Thanks: 0

    Dominion Vulnerability on Lang Variable- Blind SQL injection

    Posted 14 years 10 months ago
    • I have developed a site with Dominion and Language Module Joomfish 2.04.

      I have analyzed the site using Acunetix Web Site Audit and it provides a positive vulnerability on the Lang variable on the GET and POST methods. Attached is the result detail for the vulnerability.

      How can this vulnerability be fixed? Can you please suggest?

      We tested the same issues with Joomla 1.5.16, 1.5.17, 1.5.18.

      Fast feedback is much appreciated; I can provide access to the admin area.

      Giovanni
    • Last Edit: 14 years 10 months ago by CTPIS.
    • lafrance
    • Hero Rocketeer
    • Posts: 324
    • Thanks: 0

    Re: Dominion Vulnerability on Lang Variable- Blind SQL injection

    Posted 14 years 10 months ago
    • Hello!

      I have not heard of any exploit on Joom!Fish 2.0.4.
      Will contact the dev on this subject.
      Are you sure it is not another extension that is out of date that causes malicious code injection?

      I would suggest you post on joomla security forum after you run this tool.
      forum.joomla.org/download/file.php?id=70500
      So we can assist you further in this matter.
      docs.joomla.org/Security_Checklist_7 is also worth following.
    • Please be kind, no PM without asking. PM without asking will result in foe list.
      Help also on freenode IRC #joomla. Hosting solution for a great value, 20 users only per server.
      Pierre.
    • CTPIS
    • Newbie
    • Posts: 9
    • Thanks: 0

    Re: Dominion Vulnerability on Lang Variable- Blind SQL injection

    Posted 14 years 10 months ago
    • Thanks for the fast response. I will check all extensions and upgrade all that are not updated.

      Giovanni
    • lafrance
    • Hero Rocketeer
    • Posts: 324
    • Thanks: 0

    Re: Dominion Vulnerability on Lang Variable- Blind SQL injection

    Posted 14 years 10 months ago
    • Hello!
      You're welcome, good luck.

      Here is a list that Manville and I keep up for exploits, called VEL.

      Good idea to create an RSS feed to your admin side.

      docs.joomla.org/Vulnerable_Extensions_List
