• Project: Joomla!
  • Subproject: All
  • Severity: Moderate
  • Versions: 1.5.15 and all previous 1.5 releases
  • Exploit type: Information Disclosure
  • Reported Date: 2010-Feb-21
  • Fixed Date: 2010-Apr-23

Description

If a user Entered a URL with a query limit or offset negative, revealing a PHP notice Would display information about the system.

Affected Installs

All 1.5.x installs prior to and Including 1.5.15 are affected.

Solution

Upgrade to the latest Joomla! version (1.5.16 or later)

Reported by Security List

Contact

The JSST at the Joomla! Security Center .