SECUNIA ADVISORY ID:
SA42164

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42164/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42164

RELEASE DATE:
2010-11-10
DESCRIPTION:
Salvatore Fresta has discovered a vulnerability in the JQuarks4s
component for Joomla!, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed via the "q" array index parameter to index.php (when
"option" is set to "com_jquarks4s", "task" is set to "submitSurvey",
and the "q" parameter is set to "4") is not properly sanitised before
being used in SQL queries. This can be exploited to manipulate SQL
queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 1.0.0. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Salvatore Fresta aka Drosophila

ORIGINAL ADVISORY:
Salvatore Fresta:
http://adv.salvatorefresta.net/JQuarks4s_Joomla_Component_1.0.0_Blind_SQL_Injection_Vulnerability-08112010.txt
 

SECUNIA ADVISORY ID:
SA42182

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42182/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42182

RELEASE DATE:
2010-11-08
DESCRIPTION:
Some vulnerabilities have been reported in the  RSForm! component for
Joomla!, which can be exploited by malicious people to disclose
sensitive information and conduct SQL injection attacks.

1) Input passed via the "lang" parameter to index.php (when "option"
is set to "com_forme") is not properly verified before being used to
include files. This can be exploited to include arbitrary files from
local resources via directory traversal sequences and URL-encoded
NULL bytes.

2) Input passed via the "lang" parameter to index.php (when "option"
is set to "com_forme") is not properly sanitised before being used in
SQL queries. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.

The vulnerabilities are reported in version 1.0.5. Other versions may
also be affected.

SOLUTION:
Update to version 1.0.6.

PROVIDED AND/OR DISCOVERED BY:
jdc

ORIGINAL ADVISORY:
RSJoomla:
http://www.rsjoomla.com/customer-support/documentations/12-general-overview-of-the-component/46-rsform-changelog.html

 

SECUNIA ADVISORY ID:
SA42186

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42186/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42186

RELEASE DATE:
2010-11-08
DESCRIPTION:
A vulnerability has been reported in the nBill component for Joomla!,
which can be exploited by malicious people to disclose sensitive
information.

Certain unspecified input in not properly sanitised before being
used, which can be exploited to disclose sensitive information via
directory traversal attacks.

The vulnerabilities are reported in 2.0.9 standard edition, 2.0.10
lite edition, and 1.2_10. Other versions may also be affected.

SOLUTION:
Update to 2.0.9 standard edition, 2.0.10 lite edition, or 1.2_10 and
apply the patch.

PROVIDED AND/OR DISCOVERED BY:
Discovered in the wild.

ORIGINAL ADVISORY:
http://www.nbill.co.uk/newsflash/security-patch-for-all-versions-of-nbill.html
 

SECUNIA ADVISORY ID:
SA42133

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42133/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42133

RELEASE DATE:
2010-11-05
DESCRIPTION:
Multiple vulnerabilities have been discovered in Joomla, which can be
exploited by malicious people to conduct SQL injection attacks.

Input passed via the "filter_order" and "filter_order_Dir" parameters
to index.php (e.g. when "option" is set to "com_weblinks",
"com_contact", or "com_messages") is not properly verified before
being used in a SQL query. This can be exploited to manipulate SQL
queries by injecting limited SQL code, which may result in e.g.
information disclosure via database errors.

The vulnerabilities are reported in versions prior to 1.5.22.

SOLUTION:
Update to version 1.5.22.

PROVIDED AND/OR DISCOVERED BY:
YGN Ethical Hacker Group

ORIGINAL ADVISORY:
Joomla:
http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html
 

Joomla! Project ได้ประกาศออก Joomla 1.5.22 [senu takaa ama woi] เป็นการเร่งด่วน. โดยในเวอร์ชั่นนี้เป็นการแก้ไขในเรื่องของการรักษาความปลอดภัย เราขอแนะนำให้ผู้ใช้งานทุกท่านทำการอัพเดททันที

โดยเป้าหมายของทีม Development Working Group's นั้นก็เพื่อรองรับการใช้งานของกลุ่มผู้ใช้ Joomla ทั่งหลาย.

SECUNIA ADVISORY ID:
SA42072

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/42072/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=42072

RELEASE DATE:
2010-11-02
DESCRIPTION:
A vulnerability has been reported in the Sponsor Wall component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.

Input passed via the "catid" parameter to index.php (when "option" is
set to "com_sponsorwall" and "controller" is set to "sponsorwall") is
not properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 1.1. Other versions may also
be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Fl0riX