SECUNIA ADVISORY ID:
SA39255

VERIFY ADVISORY:
http://secunia.com/advisories/39255/

DESCRIPTION:
Two vulnerabilities have been discovered in the RokModule component
for Joomla, which can be exploited by malicious people to conduct SQL
injection attacks.

Input passed via the "module" and "moduleid" parameters to index.php
(when "option" is set to "com_rokmodule") is not properly sanitised
before being used in a SQL query. This can be exploited to manipulate
SQL queries by injecting arbitrary SQL code.

The vulnerabilities are confirmed in version 1.1. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12148

SECUNIA ADVISORY ID:
SA39427

VERIFY ADVISORY:
http://secunia.com/advisories/39427/

DESCRIPTION:
A vulnerability has been reported in the Intellectual Property
component for Joomla!, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed via the "id" parameter to index.php (if "option" is set
to "com_iproperty" and "view" is set to "agentproperties") is not
properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary code.

The vulnerability is reported in version 1.5.3. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
v3n0m

SECUNIA ADVISORY ID:
SA39473

VERIFY ADVISORY:
http://secunia.com/advisories/39473/

DESCRIPTION:
A vulnerability has been reported in the Deluxe Blog Factory
component for Joomla, which can be exploited by malicious people to
disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when
"option" is set to "com_blogfactory") is not properly verified before
being used to include files. This can be exploited to include
arbitrary files from local resources via directory traversal attacks
and URL-encoded NULL bytes.

The vulnerability is reported in version 1.1.2. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12238

SECUNIA ADVISORY ID:
SA39469

VERIFY ADVISORY:
http://secunia.com/advisories/39469/

DESCRIPTION:
A vulnerability has been reported in the Photo Battle component for
Joomla, which can be exploited by malicious people to disclose
potentially sensitive information.

Input passed to the "view" parameter in index.php (when "option" is
set to "com_photobattle") is not properly verified before being used
to include files. This can be exploited to include arbitrary files
from local resources via directory traversal attacks and URL-encoded
NULL bytes.

The vulnerability is reported in version 1.0.1. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12232

SECUNIA ADVISORY ID:
SA39472

VERIFY ADVISORY:
http://secunia.com/advisories/39472/

DESCRIPTION:
A vulnerability has been reported in the JA Comment component for
Joomla, which can be exploited by malicious people to disclose
potentially sensitive information.

Input passed to the "view" parameter in index.php (when "option" is
set to "com_jacomment") is not properly verified before being used to
include files. This can be exploited to include arbitrary files from
local resources via directory traversal attacks and URL-encoded NULL
bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12236

SECUNIA ADVISORY ID:
SA39471

VERIFY ADVISORY:
http://secunia.com/advisories/39471/

DESCRIPTION:
A vulnerability has been reported in the Love Factory component for
Joomla, which can be exploited by malicious people to disclose
potentially sensitive information.

Input passed to the "controller" parameter in index.php (when
"option" is set to "com_lovefactory") is not properly verified before
being used to include files. This can be exploited to include
arbitrary files from local resources via directory traversal attacks
and URL-encoded NULL bytes.

The vulnerability is reported in version 1.3.4. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12235