|
نوشته شده توسط امیر حسین آستانه ها
|
|
چهارشنبه ، 10 تیر 1388 ، 21:36 |
|
Joomla Versions: 1.5.11 and all previous 1.5 releases - Core - Missing JEXEC Check - Severity: Moderate - Project: Joomla!
- SubProject: Admin client
- Severity: Moderate
- Versions: 1.5.11 and all previous 1.5 releases
- Exploit type: XSS
- Reported Date: 2009-June-22
- Fixed Date: 2009-June-30
Description Some files were missing the check for JEXEC. These scripts will then expose internal path information of the host. Affected Installs All 1.5.x installs prior to and including 1.5.11 are affected. Solution Upgrade to latest Joomla! version (1.5.12 or newer).
|
