{"id":23165,"date":"2020-12-09T09:47:55","date_gmt":"2020-12-09T01:47:55","guid":{"rendered":"https:\/\/web.mwwsb.com.my\/pjci\/?post_type=kb&p=23165"},"modified":"2022-09-08T21:40:30","modified_gmt":"2022-09-08T13:40:30","slug":"security-alert-joomla-vulnerability-info","status":"publish","type":"kb","link":"https:\/\/www.casbay.com\/guide\/kb\/security-alert-joomla-vulnerability-info","title":{"rendered":"SECURITY ALERT: Joomla vulnerability [INFO]"},"content":{"rendered":"\t\t
Our security team has been notified of a Joomla vulnerability that allows hackers or unauthorised individuals to access your Joomla hosting.\n\nJoomla Developer\u2019s Security News\n\nJoomla is one of the most popular open-source content management systems. It is an especially common target for attackers because of its popularity and the wide variety of extensions that are available. We therefore recommend using Joomla security scans to test your site. The scans are also useful for detecting security issues, configuration errors, and poor-reputation links, so you can get to work mitigating the Joomla vulnerability.\n\nThe vulnerability allows attackers to compromise Joomla websites through the Media Manager. To exploit it, the attacker has to find a Joomla site that gives its users access to the Media Manager, register an account, and then use the vulnerability to upload a malicious shell script to the site through the Media Manager. After that, the attacker can do almost anything: edit your files, access your database, delete information, and more.\n\nSecurity is as important as website design and content, yet sadly it is often ignored until negative impacts occur. A Joomla server that is not correctly configured\/hardened can be vulnerable to many attacks, including remote code execution, SQL injection, cross-site scripting, and information leakage.\n\nFurthermore, security is a continuous cycle that should always be carried out against web applications. 
There are some great Joomla security scanner tools available, such as Hacker Target, Detectify, SUCURI, SiteGuarding, and more.","protected":false},"excerpt":{"rendered":"SECURITY ALERT: Joomla vulnerability [INFO] Our security team has been notified of a Joomla vulnerability that allows hackers or unauthorised individuals to access your Joomla hosting. However, see more details below: Joomla Developer\u2019s Security News Dark Security\u2019s Advisories Extra information Introduction Joomla is one of the most popular open-source content management systems. It is an especially common target for attackers because of its popularity and the wide variety […]","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"site-sidebar-layout":"no-sidebar","site-content-layout":"page-builder","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"disabled","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}}},"kbtopic":[43,117],"kbtag":[106],"mkb_version":[],"_links":{"self":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23165"}],"collection":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb"}],"about":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/types\/kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/comments?post=23165"}],"version-history":[{"count":4,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23165\/revisions"}],"predecessor-version":[{"id":37002,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kb\/23165\/revisions\/37002"}],"wp:attachment":[{"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/media?parent=23165"}],"wp:term":[{"taxonomy":"kbtopic","embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kbtopic?post=23165"},{"taxonomy":"kbtag","embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/kbtag?post=23165"},{"taxonomy":"mkb_version","embeddable":true,"href":"https:\/\/www.casbay.com\/guide\/wp-json\/wp\/v2\/mkb_version?post=23165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
However, see more details below:
Dark Security’s Advisories
Extra information
Introduction
Vulnerability
Security