a2 hosting joomla sponsor

Who is A2 Hosting? It’s likely that you’re already familiar with A2 Hosting. Not only are they an active Joomla! Community member and have sponsored Joomla! and our community, they have been hosting Joomla! sites since their launch back in 2003....

joomla 4 php7

With the prospect of Joomla 4 next year we would like to raise awareness on the must of upgrading to PHP 7. Joomla 4 will require PHP 7 to run, as stated in this announcement. Most hosts already offer PHP 7 in their packages and it should be fairly easy to change your PHP version. (Hint: before you do, make sure you backup) If not, contact your...

  • Project: Joomla!
  • SubProject: CMS
  • Severity:Medium
  • Versions: 1.5.0 through 3.8.1
  • Exploit type: Information Disclosure
  • Reported Date: 2017-October-06
  • Fixed Date: 2017-November-07
  • CVE Number:CVE-2017-14596

Description

Inadequate escaping in the LDAP authentication plugin can result in disclosure of username and password.

Affected Installs

Joomla! CMS versions...

  • Project: Joomla!
  • SubProject: CMS
  • Severity:Medium
  • Versions: 3.2.0 through 3.8.1
  • Exploit type: 
  • Reported Date: 2017-October-31
  • Fixed Date: 2017-November-07
  • CVE Number:CVE-2017-16634

Description

A bug allowed third parties to bypass a user's 2-factor-authentication method.

Affected Installs

Joomla! CMS versions 3.2.0 through 3.8.1

Solution

Upgrade to...