Joomla! Mosets Tree Component Two Vulnerabilities

SECUNIA ADVISORY ID:
SA42929

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42929/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42929

RELEASE DATE:
2011-01-14
DESCRIPTION:
Two vulnerabilities have been reported in Mosets Tree component for
Joomla!, which can be exploited by malicious users to bypass certain
security restrictions.

1) The component allows users to overwrite other users' listings. No
further information is currently available.

2) The component allows a certain unspecified read-only front-end
field to be overwritten. No further information is currently
available.

The vulnerabilities are reported in versions prior to 2.1.8.

SOLUTION:
Update to version 2.1.8.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
Mosets Tree:
http://forum.mosets.com/showthread.php?t=17064

RECENT ARTICLE

RECENT POST