Joomla Remote Code Execution Vulnerability Fixed

PreAuth PHP Object Injection Critical Vulnerability in vBulletin Versions 5.1.4 to 5.1.9

November 5, 2015

cPanel releases security patches for 20 critical vulnerabilities

January 27, 2016

Published by Sandeep Kamble at December 14, 2015

The Joomla team just released a new Joomla version 3.4.6 to fix serious vulnerability, i.e. remote code execution.

Directly from the Joomla announcement:

Browser information is not filtered properly while saving the session values into the database what leads to a Remote Code Execution vulnerability. Joomla CMS versions 1.5.0 through 3.4.5 are vulnerable to remote code execution

I strongly recommend to Upgrade to Joomla version 3.4.6. The Unofficial fixes for Joomla! 1.5.x and 2.5.x will be provided here.

The Joomla team have not released the technical details yet. We will update you with the technical details as soon as they are available.

Sandeep Kamble

Sandeep Kamble is Founder and CTO of SecureLayer7. You can find him on twitter @sandeepL337

Joomla Remote Code Execution Vulnerability Fixed

PreAuth PHP Object Injection Critical Vulnerability in vBulletin Versions 5.1.4 to 5.1.9

cPanel releases security patches for 20 critical vulnerabilities

Directly from the Joomla announcement:

Sandeep Kamble

Related posts

Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR

How to Set Up a Comprehensive Penetration Testing Program?

The Top 5 Penetration Testing Service Companies

Leave a Reply Cancel reply