[20130202] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity:  Low Versions: 3.0.2 as well as progressing 3.0.x versions. Exploit type: Information avowal Reported Date: 2013-January-16 Fixed Date: 2013-February-4 CVE Number:  CVE-2013-1455 Description Undefined non-static caused report avowal in a little situations. Affected Installs Joomla! version 3.0.2 as well as progressing 3.0.x versions

Read some-more here:
[20130202] – Core – Information Disclosure

[20130203] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity:  Low Versions: 3.0.2 as well as progressing 3.0.x versions. Exploit type: Information avowal Reported Date: 2013-January-13 Fixed Date: 2013-February-4 CVE Number:  CVE-2013-1454 Description Coding errors led to report avowal in a little situations

See a strange post:
[20130203] – Core – Information Disclosure

[20121001] – Core – XSS Vulnerability

Project: Joomla! SubProject: All Severity:  Low Versions:  3.0.0 Exploit type: XSS Vulnerability Reported Date: 2012-October-01 Fixed Date: 2012-October-09 Description Typographical blunder leads to XSS disadvantage in denunciation poke component. Affected Installs Joomla! chronicle 3.0.0

Read some-more here:
[20121001] – Core – XSS Vulnerability

[20120901] – Core – XSS Vulnerability

Project: Joomla! SubProject: All Severity:  Low Versions: 2.5.6 as well as all progressing 2.5.x versions Exploit type: XSS Vulnerability Reported Date: 2012-April-30 Fixed Date: 2012-September-13 Description Inadequate evading of outlay leads to XSS vulnerability. Affected Installs Joomla! versions 2.5.6 as well as all progressing 2.5.x versions Solution Upgrade to chronicle 2.5.7 Reported by Janek Vind as well as Antoine Cervoise Contact The JSST during a Joomla! Security Center

Read a strange post:
[20120901] – Core – XSS Vulnerability

[20120601] – Core – Privilege Escalation

Project: Joomla! SubProject: All Severity:  Medium High Versions: 2.5.4 as well as all progressing 2.5.x versions Exploit type: Privilege Escalation Reported Date: 2012-April-29 Fixed Date: 2012-June-18 Description Inadequate checking leads to probable user payoff escalation.

Read a strange post:
[20120601] – Core – Privilege Escalation

[20120602] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 2.5.4 as well as all progressing 2.5.x versions Exploit type: Information Disclosure Reported Date: 2012-May-1 Fixed Date: 2012-June-18 Description Inadequate filtering leads SQL blunder as well as report disclosure. Affected Installs Joomla! versions 2.5.4 as well as all progressing 2.5.x versions Solution Upgrade to chronicle 2.5.5 Reported by Jakub Galczyk Contact The JSST during a Joomla! Security Center.

Read some-more from a strange source:
[20120602] – Core – Information Disclosure

[20120307] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 2.5.3 as well as all progressing 2.5.x versions Exploit type: Information Disclosure Reported Date: 2012-January-7 Fixed Date: 2012-April-2 Description Inadequate accede checking allows unapproved observation of a little executive behind finish information.

Link:
[20120307] – Core – Information Disclosure

[20120308] – Core – XSS Vulnerability

Project: Joomla! SubProject: All Severity: Low Versions: 2.5.3 as well as all progressing 2.5.x versions Exploit type: XSS Vulnerability Reported Date: 2012-February-3 Fixed Date: 2012-April-2 Description Inadequate filtering in refurbish physical education instructor leads to XSS vulnerability.

See a rest here:
[20120308] – Core – XSS Vulnerability

[20120306] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 1.5.25 as well as all progressing 1.5.x versions Exploit type: Information Disclosure Reported Date: 2012-January-7 Fixed Date: 2012-March-27 Description Inadequate accede checking allows unapproved observation of executive behind finish information.

See a rest here:
[20120306] – Core – Information Disclosure

[20120304] – Core – Password Change

Project: Joomla! SubProject: All Severity: High Versions: 2.5.2, 2.5.1, 2.5.0, as well as all 1.7.x as well as 1.6.x releases Exploit type: Password Change Reported Date: 2012-March-8 Fixed Date: 2012-March-15 Description Insufficient randomness leads to cue reset vulnerability. Affected Installs Joomla! versions 2.5.2, 2.5.1, 2.5.0, as well as all 1.7.x as well as 1.6.x versions Solution Upgrade to chronicle 2.5.3 Reported by George Argyros as well as Aggelos Kiayias Contact The JSST during a Joomla! Security Center.

See some-more here:
[20120304] – Core – Password Change

[20120303] – Core – Privilege Escalation

Project: Joomla! SubProject: All Severity: High Versions: 2.5.2, 2.5.1, 2.5.0, as well as all 1.7.x as well as 1.6.x releases Exploit type: Privilege Escalation Reported Date: 2012-March-12 Fixed Date: 2012-March-15 Description Programming blunder allows payoff escalation in a little cases. Affected Installs Joomla! versions 2.5.2, 2.5.1, 2.5.0, as well as all 1.7.x as well as 1.6.x versions Solution Upgrade to chronicle 2.5.3 Reported by  Jeff Channel Contact The JSST during a Joomla! Security Center

Read a original:
[20120303] – Core – Privilege Escalation

[20120301] – Core – SQL Injection

Project: Joomla! SubProject: All Severity: High Versions: 2.5.1, 2.5.0 as well as 1.7.0 – 1.7.5 Exploit type: SQL Injection Reported Date: 2012-February-29 Fixed Date: 2012-March-05 Description Inadequate evading leads to SQL injection vulnerability. Affected Installs Joomla! chronicle 2.5.1, 2.5.0, 1.7.4, as well as all progressing 1.7.x versions Solution Upgrade to chronicle 2.5.2 Reported by Colin Wong Contact The JSST during a Joomla! Security Center

Go here to review a rest:
[20120301] – Core – SQL Injection

[20120202] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.4 as well as all progressing 1.7.x versions Exploit type: Information Disclosure Reported Date: 2012-January-06 Fixed Date: 2012-February-02 Description On a little servers a blunder record could be review by unapproved users.

More:
[20120202] – Core – Information Disclosure

[20120201] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 2.5.0 as well as 1.7.0 – 1.7.4 Exploit type: Information Disclosure Reported Date: 2012-January-29 Fixed Date: 2012-February-02 Description Inadequate validation leads to report avowal in administrator. Affected Installs Joomla! chronicle 2.5.0, 1.7.4, as well as all progressing 1.7.x versions Solution Upgrade to chronicle 1.7.5 or 2.5.1 or aloft Reported by Jakub Galczyk Contact The JSST during a Joomla! Security Center.

Link:
[20120201] – Core – Information Disclosure

[20111103] – Core – Password Change

Project: Joomla! SubProject: All Severity: High Versions: 1.5.24 as well as all progressing 1.5 versions Exploit type: Password Change Reported Date: 2011-October-28 Fixed Date: 2011-November-14 Description Weak pointless series era during cue reset leads to probability of becoming different a user’s password. Affected Installs Joomla! chronicle 1.5.24 as well as all progressing 1.5 versions Solution Upgrade to a ultimate Joomla! 1.5 chronicle (1.5.25 or later) Reported by  David Jardin Contact The JSST during a Joomla! Security Center .

Read this article:
[20111103] – Core – Password Change

[20111001] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Moderate Versions: 1.7.1 Exploit type: Information Disclosure Reported Date: 2011-September-09 Fixed Date: 2011-October-17 Description Weak encryption causes intensity report disclosure. Affected Installs Joomla! chronicle 1.7.1 as well as progressing Solution Upgrade to a ultimate Joomla! chronicle (1.7.2 or later) Reported by Jeff Channell Contact The JSST during a Joomla! Security Center .

Link:
[20111001] – Core – Information Disclosure

[20111002] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 1.7.1 Exploit type: Information Disclosure Reported Date: 2011-August-02 Fixed Date: 2011-October-17 Description Inadequate blunder checking causes intensity report disclosure. Affected Installs Joomla! chronicle 1.7.1 as well as progressing Solution Upgrade to a ultimate Joomla! chronicle (1.7.2 or later) Reported by Aung Khant, YGN Ethical Hacker Group Contact The JSST during a Joomla! Security Center

Visit link:
[20111002] – Core – Information Disclosure

[20110903] – Core – Information Disclosure

Project: Joomla! SubProject: All Severity: Low Versions: 1.7.0 Exploit type: Information Disclosure Reported Date: 2011-September-23 Fixed Date: 2011-September-26 Description Inadequate blunder checking causes report disclosure.

Excerpt from:
[20110903] – Core – Information Disclosure