Joomla Remote Code Execution Vulnerability Fixed

PreAuth PHP Object Injection Critical Vulnerability in vBulletin Versions 5.1.4 to 5.1.9

November 5, 2015

cPanel releases security patches for 20 critical vulnerabilities

January 27, 2016

Published by Sandeep Kamble at December 14, 2015

The Joomla team just released a new Joomla version 3.4.6 to fix serious vulnerability, i.e. remote code execution.

Directly from the Joomla announcement:

Browser information is not filtered properly while saving the session values into the database what leads to a Remote Code Execution vulnerability. Joomla CMS versions 1.5.0 through 3.4.5 are vulnerable to remote code execution

I strongly recommend to Upgrade to Joomla version 3.4.6. The Unofficial fixes for Joomla! 1.5.x and 2.5.x will be provided here.

The Joomla team have not released the technical details yet. We will update you with the technical details as soon as they are available.

Sandeep Kamble

Sandeep Kamble is Founder and CTO of SecureLayer7. You can find him on twitter @sandeepL337

Joomla Remote Code Execution Vulnerability Fixed

PreAuth PHP Object Injection Critical Vulnerability in vBulletin Versions 5.1.4 to 5.1.9

cPanel releases security patches for 20 critical vulnerabilities

Directly from the Joomla announcement:

Sandeep Kamble

Related posts

The Top 5 Penetration Testing Service Companies

Does SOC 2 Type II Require Penetration Testing?

The Complete SOC2 Compliance Checklist

Leave a Reply Cancel reply