DESCRIPTION:
A vulnerability has been reported in the DOCman component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.
Certain unspecified input passed to the "search" functionality is not
properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerability is reported in versions prior to 1.4.2 and 1.5.10.
SOLUTION:
Update to version 1.4.2 or 1.5.10.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
DOCman:
http://blog.joomlatools.eu/2011/01/docman-1510-and-142-released.html
http://www.joomlatools.eu/products/docman/changelog.html

DESCRIPTION:
A weakness and a vulnerability have been reported in the Akeeba
Backup component for Joomla!, which can be exploited by malicious
people to disclose certain system information and cause a DoS (Denial
of Service).
1) An unspecified error can be exploited to disclose the folder
structure of a vulnerable system. No further information is currently
available.
2) An unspecified error can be exploited to exhaust disk space of a
vulnerable system and cause a crash. No further information is
currently available.
The vulnerabilities are reported in versions prior to 3.2.7.
SOLUTION:
Update to version 3.2.7.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Jeff Channel.
ORIGINAL ADVISORY:
Akeeba Backup Release Note:
https://www.akeebabackup.com/home/item/1091-akeeba-backup-3-2-7.html

DESCRIPTION:
A vulnerability has been reported in the Facebook Graph Connect
component for Joomla!, which can be exploited by malicious people to
disclose potentially sensitive information.
The vulnerability is caused by an error within an installation
script and can be exploited to disclose certain information about the
installed component.
The vulnerability is reported in versions 1.3 to 1.5 (L & U).
SOLUTION:
Update to version 1.6.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.sikkimonline.info/fbgconnect-download/category/1-sikkimonline-downloads