1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Joomla Vulernanility through com_jumi

Discussion in 'PHP & Perl' started by silent_thunder, Oct 28, 2009.

  1. silent_thunder

    silent_thunder Regular Member

    Joined:
    Mar 24, 2009
    Messages:
    227
    Likes Received:
    79
    Occupation:
    Research Anal yst
    Location:
    MoneyMakingSutra
    Home Page:
    I suspect a remote file injection vulnerability is there if you had installed a component called jumi and if its not updated to the latest version

    The remote file injected is a couple of component com_mp3 and com_bdpoll check in your components directory of your installation guys

    Thanks
     
  2. ukescuba

    ukescuba Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 24, 2008
    Messages:
    994
    Likes Received:
    634
    Occupation:
    Mobile Marketer & QR Code Junkie
    Location:
    San Antonio, TX
    Home Page:
    never particularily liked jumi instead i tend to use directphp

    as with any script you install you should always check periodically its up to date, always sign up to their newsletter where possible or rss feed

    for added joomla security i would also recommend sh404sef, as well as search engine friendly urls it helps to a certain degree from injection exploits and also blocks rogue ips listed on honeypot, and flooding

    you cant beat backing up regularily either, lazybackup2 and joomcloner i would recommend them both as well as jsecure

    additionally i tend to stick to more well used/tested addons, else tend to customize my own

    hth
     
    • Thanks Thanks x 1