Friday, 27 April 2012

[EN] Joomla 2.5.4 Information disclosure

Hi! :) Busy week and busy month... ;)

I have one more information for You today:
in latest Joomla I found information disclosure bug.

Why it's 'information disclosure' (for now)? Because I'm still developing working exploit for "this
parameter". I think it could be extended to other 'validation attacks'... so :D

For now, it's only 'information' (for You). ;)

I will update this information later (maybe next week), but now I have too much to do.

Anyway, if You need "no-public help", as always - mail me;)

Cheers! o/

EDIT: This is one bug I want to taka look more because it's available for not-logged-in users.
So "my favourite"! ;)

No comments:

Post a comment

What do You think...?