|
NeoJoomla is a professional portal dedicated to the Joomla CMS! NeoJoomla provides free and commercial Extensions, a Template Club and Services.
NeoJoomla is also a one-stop source for all-news, updates and information related to Joomla! and the Joomla! community. We provide lots of tips, tutorials and resources to help you enhance your website.
You don't have an account yet? Register now! |
|
11/20/2006 |
For a few months, the popularity of Joomla has attracted a wave of hackers on the community. How are they caught there? Where are the faults? What to make to protect itself?
Some answers in this article
Certain components are vulnerable to Code Inclusion attacks.
I.e. that it is possible via the Web to modify files on your waiter.
Generally handling consists in replacing your file configuration.php by
the page of the hacker.
Here a list of components which comprise or which comprised in their preceding versions this type of vulnerability:
- com_simpleboard
- com_hashcash
- com_htmlarea3_xtd-c
- com_sitemap
- com_performs
- com_forum
- com_pccookbook
- com_extcalendar
- minibb
- com_smf
- com_pollxt
- com_loudmounth
- com_videodb
- com_pcchess
- com_multibanners
|
- com_mgm
- com_mambatstaff
- com_securityimages
- com_artlinks
- com_galleria
- com_akocomment com_cropimage
- com_catalogs
- com_kochsuite
- com_comprofiler
- com_zoom
- com_serverstat
- com_fm
- com_a6mambohelpdesk
- com_colophon
|
What to make if you have one of these components on your site? 3 solutions are offered to you:
- Download the last update of the component
- Modify yourself the component to prevent this type of attack (an article will detail handling soon)
- As a last resort, remove it!
|
|
|