Hi All, I want to let you know about security vulnerabilities in plugin DS-Syndicate for Joomla which probably could be mis utilized for latest hacking techniques if the website is based on Joomla.
Advisory: Vulnerabilities in DS-Syndicate for Joomla Refer URL: http://websecurity.com.ua/4003/ Affected products: all versions of DS-Syndicate for Joomla. These are SQL Injection and Full path disclosure vulnerabilities. SQL Injection: http://site/index2.php?option=ds-syndicate&version=1&feed_id=-1%20or%20version()=5 Full path disclosure: http://site/index2.php?option=ds-syndicate&version=1&feed_id= It seems that the developer of the plugin is not supportting it anymore, so users of the plugin need to fix it by themselves. Regards Sandeep Thakur -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
