SlideShare a Scribd company logo

Joomla Vulnerabilities And Consequences Discussed

Download as PPTX, PDF
Sqa Enthusiast
Sqa Enthusiast

The document discusses vulnerabilities found in the popular content management system Joomla. It notes that over 30 million downloads of Joomla have occurred to date. It then discusses specific vulnerabilities the author has discovered in Joomla, including an old version of the JCE ImageManager add-on that is included in some template bundles. The document stresses the importance of updating, managing, and maintaining applications to address vulnerabilities and protect sites.

TechnologyNews & Politics
1 of 8
And consequences JOOMLA VULNERABILITIES - Abhibandu Kafle
Bachelors in computer engineering final year student Been acknowleged by adf.ly and apple.com for responsible disclosure Of vulnerabilities Founder of Nep Security community WHO I AM?
WHAT I HAVE BEEN DOING ?
THE SCENERIO
-most popular CMS solutions for community sites in the world -boasts over 30m downloads to date. -powers noteworthy sites as Cloud.com, Linux.com JOOMLA : INTRODUCTION
VULNERABILITIES DISCOVERED/ADDRESSED 0 20 40 60 80 100 120 140 year 2010 year 2011 year 2012 patched now not been given a fix http://docs.joomla.org /Vulnerable_Extension s_List
Problem is that an old version of one of the JCE addons called ImageManager Templates providers include the JCE editor together with ImageManager as part of their template bundle installations Affrected versions = 2.0.10 and below LIVE DEMO OF JCE
All of us knew, we needed to update , manage and maintain the application. The demo explained , why ? Realizing the scenerio and being responsible WHAT TO LEARN ?

Recommended

key contacts,am mobile app presntation
key contacts,am mobile app presntationkey contacts,am mobile app presntation
key contacts,am mobile app presntationiambleessd
 
Jd gr-2012-workshop
Jd gr-2012-workshopJd gr-2012-workshop
Jd gr-2012-workshopCB Team @ Joomlapolis
 
Crisis Times. Turn Joomla into a job opportunity.
Crisis Times. Turn Joomla into a job opportunity. Crisis Times. Turn Joomla into a job opportunity.
Crisis Times. Turn Joomla into a job opportunity. Pedro Francisco Vidal López
 
Over the air 2.5 - Adobe AIR for Android
Over the air 2.5 - Adobe AIR for AndroidOver the air 2.5 - Adobe AIR for Android
Over the air 2.5 - Adobe AIR for AndroidMichael Chaize
 
Flex and the city in London - Keynote
Flex and the city in London - KeynoteFlex and the city in London - Keynote
Flex and the city in London - KeynoteMichael Chaize
 
From Desktop to Mobile: Application Functionality for Small Screens
From Desktop to Mobile: Application Functionality for Small ScreensFrom Desktop to Mobile: Application Functionality for Small Screens
From Desktop to Mobile: Application Functionality for Small ScreensJoseph Labrecque
 
TO DO list APP Called Do It
TO DO list APP Called Do ItTO DO list APP Called Do It
TO DO list APP Called Do Itمحمود فرغلي
 
Progressing beyond the Desktop at Universities with Adobe AIR
Progressing beyond the Desktop at Universities with Adobe AIRProgressing beyond the Desktop at Universities with Adobe AIR
Progressing beyond the Desktop at Universities with Adobe AIRJoseph Labrecque
 

Recommended

key contacts,am mobile app presntation
key contacts,am mobile app presntationkey contacts,am mobile app presntation
key contacts,am mobile app presntationiambleessd
 
Jd gr-2012-workshop
Jd gr-2012-workshopJd gr-2012-workshop
Jd gr-2012-workshopCB Team @ Joomlapolis
 
Crisis Times. Turn Joomla into a job opportunity.
Crisis Times. Turn Joomla into a job opportunity. Crisis Times. Turn Joomla into a job opportunity.
Crisis Times. Turn Joomla into a job opportunity. Pedro Francisco Vidal López
 
Over the air 2.5 - Adobe AIR for Android
Over the air 2.5 - Adobe AIR for AndroidOver the air 2.5 - Adobe AIR for Android
Over the air 2.5 - Adobe AIR for AndroidMichael Chaize
 
Flex and the city in London - Keynote
Flex and the city in London - KeynoteFlex and the city in London - Keynote
Flex and the city in London - KeynoteMichael Chaize
 
From Desktop to Mobile: Application Functionality for Small Screens
From Desktop to Mobile: Application Functionality for Small ScreensFrom Desktop to Mobile: Application Functionality for Small Screens
From Desktop to Mobile: Application Functionality for Small ScreensJoseph Labrecque
 
TO DO list APP Called Do It
TO DO list APP Called Do ItTO DO list APP Called Do It
TO DO list APP Called Do Itمحمود فرغلي
 
Progressing beyond the Desktop at Universities with Adobe AIR
Progressing beyond the Desktop at Universities with Adobe AIRProgressing beyond the Desktop at Universities with Adobe AIR
Progressing beyond the Desktop at Universities with Adobe AIRJoseph Labrecque
 
Mobile Developers Guide To The Galaxy
Mobile Developers Guide To The GalaxyMobile Developers Guide To The Galaxy
Mobile Developers Guide To The GalaxyAvenga Germany GmbH
 
Content Management Opensource solutins
Content Management Opensource solutinsContent Management Opensource solutins
Content Management Opensource solutinsDigital Pymes
 
Wp smile cms-julio2011
Wp smile cms-julio2011Wp smile cms-julio2011
Wp smile cms-julio2011Jordi Sabater Domènech
 
CMS guide
CMS guideCMS guide
CMS guideDigital Pymes
 
Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0guestf34485
 
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)CodelyTV
 
UX Concerns across Mobile Platforms
UX Concerns across Mobile PlatformsUX Concerns across Mobile Platforms
UX Concerns across Mobile PlatformsJoseph Labrecque
 
AIR for Higher Education
AIR for Higher EducationAIR for Higher Education
AIR for Higher EducationJoseph Labrecque
 
Flash: A call for sanity
Flash: A call for sanityFlash: A call for sanity
Flash: A call for sanityAndrew Dobson
 
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience ManagerSummit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Managerbrucelefebvre
 
Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013Tommy Trogden
 
Final fit project I-phone for adobe
Final fit project I-phone for adobeFinal fit project I-phone for adobe
Final fit project I-phone for adobeHeather Vega
 
5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack app5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack appTessa Mero
 
Debugging mobile websites and web apps
Debugging mobile websites and web appsDebugging mobile websites and web apps
Debugging mobile websites and web appsMihai Corlan
 
Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008smancke
 
Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS) Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS) Amila Gamanayake
 
VMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and RazorVMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and RazorJonas Rosland
 
SOLID principles
SOLID principlesSOLID principles
SOLID principlesMartijn Dashorst
 
Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2Avenga Germany GmbH
 
after-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docxafter-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docxMiniTool Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

More Related Content

Similar to Joomla Vulnerabilities And Consequences Discussed

Mobile Developers Guide To The Galaxy
Mobile Developers Guide To The GalaxyMobile Developers Guide To The Galaxy
Mobile Developers Guide To The GalaxyAvenga Germany GmbH
 
Content Management Opensource solutins
Content Management Opensource solutinsContent Management Opensource solutins
Content Management Opensource solutinsDigital Pymes
 
Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0guestf34485
 
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)CodelyTV
 
UX Concerns across Mobile Platforms
UX Concerns across Mobile PlatformsUX Concerns across Mobile Platforms
UX Concerns across Mobile PlatformsJoseph Labrecque
 
Flash: A call for sanity
Flash: A call for sanityFlash: A call for sanity
Flash: A call for sanityAndrew Dobson
 
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience ManagerSummit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Managerbrucelefebvre
 
Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013Tommy Trogden
 
Final fit project I-phone for adobe
Final fit project I-phone for adobeFinal fit project I-phone for adobe
Final fit project I-phone for adobeHeather Vega
 
5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack app5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack appTessa Mero
 
Debugging mobile websites and web apps
Debugging mobile websites and web appsDebugging mobile websites and web apps
Debugging mobile websites and web appsMihai Corlan
 
Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008smancke
 
Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS) Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS) Amila Gamanayake
 
VMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and RazorVMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and RazorJonas Rosland
 
Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2Avenga Germany GmbH
 
after-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docxafter-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docxMiniTool Software
 

Similar to Joomla Vulnerabilities And Consequences Discussed (20)

Mobile Developers Guide To The Galaxy
Mobile Developers Guide To The GalaxyMobile Developers Guide To The Galaxy
Mobile Developers Guide To The Galaxy
 
Content Management Opensource solutins
Content Management Opensource solutinsContent Management Opensource solutins
Content Management Opensource solutins
 
Wp smile cms-julio2011
Wp smile cms-julio2011Wp smile cms-julio2011
Wp smile cms-julio2011
 
CMS guide
CMS guideCMS guide
CMS guide
 
Php Leads Web2 0
Php Leads Web2 0Php Leads Web2 0
Php Leads Web2 0
 
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
Avoiding the domino effect in our [micro]services (SOLID at macro-design level)
 
UX Concerns across Mobile Platforms
UX Concerns across Mobile PlatformsUX Concerns across Mobile Platforms
UX Concerns across Mobile Platforms
 
AIR for Higher Education
AIR for Higher EducationAIR for Higher Education
AIR for Higher Education
 
Flash: A call for sanity
Flash: A call for sanityFlash: A call for sanity
Flash: A call for sanity
 
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience ManagerSummit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
Summit 2015: Mobile App Dev and Content Management with Adobe Experience Manager
 
Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013Journey to end user computing dallas vmug may 2013
Journey to end user computing dallas vmug may 2013
 
Final fit project I-phone for adobe
Final fit project I-phone for adobeFinal fit project I-phone for adobe
Final fit project I-phone for adobe
 
5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack app5 ways to simply add media accessibility (m16y) to your jamstack app
5 ways to simply add media accessibility (m16y) to your jamstack app
 
Debugging mobile websites and web apps
Debugging mobile websites and web appsDebugging mobile websites and web apps
Debugging mobile websites and web apps
 
Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008Jalimo Slides Linuxtag2008
Jalimo Slides Linuxtag2008
 
Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS) Android Demonstration Solution (ADS)
Android Demonstration Solution (ADS)
 
VMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and RazorVMUG Sweden 2013-02-08 - Puppet and Razor
VMUG Sweden 2013-02-08 - Puppet and Razor
 
SOLID principles
SOLID principlesSOLID principles
SOLID principles
 
Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2Mobile Developer's Guide To The Galaxy Edition 2
Mobile Developer's Guide To The Galaxy Edition 2
 
after-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docxafter-effects-not-sending-to-media-encoder - Copy (2).docx
after-effects-not-sending-to-media-encoder - Copy (2).docx
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

Joomla Vulnerabilities And Consequences Discussed

  • 2. Bachelors in computer engineering final year student Been acknowleged by adf.ly and apple.com for responsible disclosure Of vulnerabilities Founder of Nep Security community WHO I AM?
  • 3. WHAT I HAVE BEEN DOING ?
  • 5. -most popular CMS solutions for community sites in the world -boasts over 30m downloads to date. -powers noteworthy sites as Cloud.com, Linux.com JOOMLA : INTRODUCTION
  • 6. VULNERABILITIES DISCOVERED/ADDRESSED 0 20 40 60 80 100 120 140 year 2010 year 2011 year 2012 patched now not been given a fix http://docs.joomla.org /Vulnerable_Extension s_List
  • 7. Problem is that an old version of one of the JCE addons called ImageManager Templates providers include the JCE editor together with ImageManager as part of their template bundle installations Affrected versions = 2.0.10 and below LIVE DEMO OF JCE
  • 8. All of us knew, we needed to update , manage and maintain the application. The demo explained , why ? Realizing the scenerio and being responsible WHAT TO LEARN ?