Posted by: Admin
on Sep 24, 2009
This Security Advisory is delivered as a service by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.
Security Advisory
Posted by: Admin
on Sep 24, 2009
This Security Advisory is delivered as a service by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.
Security Advisory
Posted by: Admin
on Sep 18, 2009
This Security Advisory is delivered as a service by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.
Security Advisory
Posted by: Admin
on Sep 16, 2009
This Security Advisory was delivered as a customer service announcement by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.
Security Advisory
Joomla DJ-Catalog Component
Posted by: Admin
on Aug 2, 2009
This Security Advisory was delivered by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.
Security Advisory
JFusion Joomla component Blind SQL Injection Vulnerability
Posted by: Admin
on Jan 30, 2009
Joomla Flash Magazine Deluxe Component "mag_id" SQL Injection vulnerabilities have been reported.
Solution:
Edit the source code to ensure that input is properly sanitised.
Posted by: Admin
on Jan 30, 2009
Some vulnerabilities have been discovered in VirtueMart, which can be exploited by malicious people and users to conduct SQL injection attacks.
Successful exploitation of several of the vulnerabilities requires VirtueMart administrative access.
These vulnerabilities are confirmed in version 1.1.2. Other versions may also be affected.
Solution:
Update to version 1.1.3
Posted by: Admin
on Jan 22, 2009
A vulnerability in the BazaarBuilder Shopping Cart component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks, has been reported.
Input passed via the "cid" parameter in index.php (when "option" is set to "com_prod" and "task" is set to "products") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Posted by: Admin
on Jan 17, 2009
The RD-Autos component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This affects RD-Autos 1 5.2; other versions may also be affected.
Posted by: Admin
on Jan 17, 2009
The 'com_fantasytournament' component for Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitise user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
