Joomla.it Forum

Non solo Joomla... => Sicurezza => : alexred 08 Jan 2009, 23:16:37

: Bug Sicurezza Joomla e dei suoi componenti 2009 - Aggiornato al 30-10-09
: alexred 08 Jan 2009, 23:16:37

Vulnerable Extensions List (http://docs.joomla.org/index.php?title=Vulnerable_Extensions_List_oct&oldid=16817)

30-10-09   Componente Jumi 2.0.5 (http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00299.html) backdoored
07-05-09   Joomla Almond Classifieds 5.6.2 Blind SQL Injection Vuln (http://www.bugsearch.net/it/8726/Joomla%20Almond%20Classifieds%205.6.2%20Blind%20SQL%20Injection%20Vuln.html)
22-04-09   Joomla Component rsmonials Remote Cross Site Scxripting Exploit (http://www.bugsearch.net/it/8630/Joomla%20Component%20rsmonials%20Remote%20Cross%20Site%20Scxripting%20Exploit.html)
08-04-09   Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln (http://www.bugsearch.net/it/8496/Joomla%20Component%20Cmimarketplace%20%28viewit%29%20Directory%20Traversal%20Vuln.html)
08-04-09   Joomla Component MailTo (article) SQL Injection Vulnerability (http://www.bugsearch.net/it/8497/Joomla%20Component%20MailTo%20%28article%29%20SQL%20Injection%20Vulnerability.html)
08-04-09   Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln (http://www.bugsearch.net/it/8498/Joomla%20Component%20Maian%20Music%201.2.1%20%28category%29%20SQL%20Injection%20Vuln.html)
06-04-09   Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability (http://www.bugsearch.net/it/8483/Joomla%20Component%20com_bookjoomlas%200.1%20SQL%20Injection%20Vulnerability.html)
12-03-09   Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability (http://www.bugsearch.net/it/8325/Joomla%20Djice%20Shoutbox%201.0%20Permanent%20XSS%20Vulnerability.html)
06-03-09   Joomla com_ijoomla_archive Blind SQL Injection Exploit (http://www.bugsearch.net/it/8293/Joomla%20com_ijoomla_archive%20Blind%20SQL%20Injection%20Exploit.html)
04-03-09   Joomla com_carman 2.x (Itemid) Remote SQL Injection Exploit (http://www.bugsearch.net/it/8284/Joomla%20com_carman%202.x%20%28Itemid%29%20Remote%20SQL%20Injection%20Exploit.html)
04-03-09   Joomla com_reservation (Itemid) Remote SQL Injection Exploit (http://www.bugsearch.net/it/8280/Joomla%20com_reservation%20%28Itemid%29%20Remote%20SQL%20Injection%20Exploit.html)
03-03-09   Joomla com_digistore (pid) Blind SQL Injection Exploit (http://www.bugsearch.net/it/8268/Joomla%20com_digistore%20%28pid%29%20Blind%20SQL%20Injection%20Exploit.html)
03-03-09   Joomla-Mambo Component eXtplorer Code Execution Vulnerability (http://www.bugsearch.net/it/8266/Joomla-Mambo%20Component%20eXtplorer%20Code%20Execution%20Vulnerability.html)
27-01-09   Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability (http://www.bugsearch.net/it/8017/Joomla%20com_flashmagazinedeluxe%20%28mag_id%29%20SQL%20Injection%20Vulnerability.html)
21-01-09   Joomla com_pcchess (game_id) Blind SQL Injection Exploit (http://www.bugsearch.net/it/7983/Joomla%20com_pcchess%20%28game_id%29%20Blind%20SQL%20Injection%20Exploit.html)
21-01-09   Joomla Component beamospetition 1.0.12 SQL Injection - XSS (http://www.bugsearch.net/it/7982/Joomla%20Component%20beamospetition%201.0.12%20SQL%20Injection%20-%20XSS.html)
21-01-09   Joomla Com BazaarBuilder Shopping Cart v.5.0 SQL Injection Exploit (http://www.bugsearch.net/it/7979/Joomla%20Com%20BazaarBuilder%20Shopping%20Cart%20v.5.0%20SQL%20Injection%20Exploit.html)
19-01-09   Joomla com_waticketsystem Blind SQL Injection Exploit (http://www.bugsearch.net/it/7970/Joomla%20com_waticketsystem%20Blind%20SQL%20Injection%20Exploit.html)
19-01-09   Joomla Component com_news SQL Injection Vulnerability (http://www.bugsearch.net/it/7962/Joomla%20Component%20com_news%20SQL%20Injection%20Vulnerability.html)
19-01-09   Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit (http://www.bugsearch.net/it/7961/Joomla%20com_pccookbook%20%28recipe_id%29%20Blind%20SQL%20Injection%20Exploit.html)
19-01-09   Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability (http://www.bugsearch.net/it/7954/Joomla%20Component%20Gigcal%201.x%20%28id%29%20SQL%20Injection%20Vulnerability.html)
15-01-09   Joomla com_Eventing 1.6.x Blind SQL Injection Exploit (http://www.bugsearch.net/it/7938/Joomla%20com_Eventing%201.6.x%20Blind%20SQL%20Injection%20Exploit.html)
14-01-09   Joomla Component Camelcitydb2 2.2 SQL Injection Vulnerabilities (http://www.bugsearch.net/it/7924/Joomla%20Component%20Camelcitydb2%202.2%20SQL%20Injection%20Vulnerabilities.html)
14-01-09   Joomla Component Fantasytournament SQL Injection Vulnerabilities (http://www.bugsearch.net/it/7922/Joomla%20Component%20Fantasytournament%20SQL%20Injection%20Vulnerabilities.html)
13-01-09   Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln (http://www.bugsearch.net/it/7896/Joomla%20Component%20com_gigcal%20%28gigcal_gigs_id%29%20SQL%20Injection%20Vuln.html)
12-01-09   Joomla Component Portfol (vcatid) SQL Injection Vulnerability (http://www.bugsearch.net/it/7883/Joomla%20Component%20Portfol%20%28vcatid%29%20SQL%20Injection%20Vulnerability.html)
12-01-09   Joomla com_xevidmegahd (catid) Remote SQL Injection Exploit (http://www.bugsearch.net/it/7865/Joomla%20com_xevidmegahd%20%28catid%29%20Remote%20SQL%20Injection%20Exploit.html)
12-01-09   Joomla com_jashowcase (catid) Remote SQL Injection Exploit (http://www.bugsearch.net/it/7864/Joomla%20com_jashowcase%20%28catid%29%20Remote%20SQL%20Injection%20Exploit.html)
12-01-09   Joomla com_newsflash (id) Remote SQL Injection Vulnerability (http://www.bugsearch.net/it/7863/Joomla%20com_newsflash%20%28id%29%20Remote%20SQL%20Injection%20Vulnerability.html)
07-01-09   Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal Vulnerability (http://www.bugsearch.net/it/7836/Joomla%20%3C%3D%201.5.8%20%28xstandard%20editor%29%20Local%20Directory%20Traversal%20Vulnerability.html)
06-01-09   Joomla com_phocadocumentation (id) Remote SQL Injection Exploit (http://www.bugsearch.net/it/7817/Joomla%20com_phocadocumentation%20%28id%29%20Remote%20SQL%20Injection%20Exploit.html)
05-01-09   Joomla com_na_newsdescription (newsid) SQL Injection Exploit (http://www.bugsearch.net/it/7818/Joomla%20com_na_newsdescription%20%28newsid%29%20SQL%20Injection%20Exploit.html)
05-01-09   Joomla Component simple_review 1.x SQL Injection Vulnerability (http://www.bugsearch.net/it/7813/Joomla%20Component%20simple_review%201.x%20SQL%20Injection%20Vulnerability.html)