Text Size
Tuesday, 07 June 2016 02:09

chronoengines extensions

Written by

chronoforms and other chronoengine extensions

developer's site was infected with malware, but is now reviewed as "safe" according to Google transparency report.

see https://www.google.com/transparencyreport/safebrowsing/diagnostic/?hl=en#url=chronoengine.com

The VEL do not know of any recent reports of vulnerabilities in the extensions themselves....

Stored XSS and SQL Injection in SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9 (possibly below)

resolution: update to version 2.8.10

update notice: https://securitycheck.protegetuordenador.com/index.php/downloads/securitycheck-j3x

 

 ...

Wednesday, 05 December 2001 06:00

kunena,4.0.10,Information Disclosure

Written by

kunena,4.0.10,Information Disclosure

 

Developers update link

https://www.kunena.org/blog/166-kunena-4-0-11-released...

Wednesday, 05 December 2001 06:00

JoomDOC,4.0.3 information Disclosure

Written by

JoomDOC,4.0.3 ,Information Disclosure...

Using a quick start package may be the quickest way to get a fully set up , add your content site. but are you aware of the dangers.
we tested several quick starts from major providers ranging from Template developers and extension developers who include a ready to go version of Joomla.
We found that there were varying degrees of insecurities. None of these packages are plug/play/forget.

Wednesday, 01 June 2016 22:30

sia failings

after35 minutes on friday in the musical roundabout, I Spoke to SIA after 28 minutes on hold, who despite saying they couldn't speak to me as I personally didn't do the online application, admitted that the letter they should have sent me on the 17th May wasn't actually sent.

Friday, 29 April 2016 00:35

Komento 2.0.6 xss

Written by

We just released Komento 2.0.7 to address a security issue where a remote attacker may be able to launch an xss attack in prior versions of Komento.

 

download http://stackideas.com/dashboard

 ...

Saturday, 21 May 2016 17:27

mod fancy tag cloud,1.017,Other

Written by

mod fancy tag cloud (com_offlajn_installer),1.017,Other...

Saturday, 07 May 2016 02:46

Yeeditor, abandonware

Written by

Yeeditor from Yeedeen

development apparently abandoned, developer's site is infected with malware...

Monday, 25 April 2016 01:24

gmapfp,3.39f,XSS (Cross Site Scripting)

Written by

gmapfp,3.39f,XSS (Cross Site Scripting) Info disclosure, arbitrary fileupload...

Page 4 of 8