Hi! :) Busy week and busy month... ;)
I have one more information for You today:
in latest Joomla I found information disclosure bug.
Why it's 'information disclosure' (for now)? Because I'm still developing working exploit for "this
parameter". I think it could be extended to other 'validation attacks'... so :D
For now, it's only 'information' (for You). ;)
I will update this information later (maybe next week), but now I have too much to do.
Anyway, if You need "no-public help", as always - mail me;)
EDIT: This is one bug I want to taka look more because it's available for not-logged-in users.
So "my favourite"! ;)