Vigil@nce: Joomla, four vulnerabilities
July 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can generate three Cross Site Scripting and a SQL
injection in Joomla.
– Severity: 2/4
– Creation date: 16/07/2010
DESCRIPTION OF THE VULNERABILITY
Four vulnerabilities were announced in Joomla.
An attacker can inject SQL data, and obtain the installation path
of Joomla. [severity:2/4]
An attacker can generate several Cross Site Scripting in the web
administration interface of Joomla. [severity:2/4]
An attacker can generate several Cross Site Scripting in the web
administration interface of Joomla. [severity:2/4]
An attacker can generate several Cross Site Scripting in the web
administration interface of Joomla. [severity:2/4; CVE-2010-2535,
oCERT-2010-002]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Joomla-four-vulnerabilities-9772