SITE TIPS.info - Page 489 of 935 - security news & tips for the website community

[20201106] – Core – CSRF in com_privacy emailexport feature

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.9.0-3.9.22
Exploit type: CSRF
Reported Date: 2020-10-08
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
A missing token check in the emailexport feature of com_p…

[20201106] – Core – CSRF in com_privacy emailexport feature Read More »

[20201105] – Core – User Enumeration in backend login

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.9.0-3.9.22
Exploit type: User Enumeration
Reported Date: 2020-08-15
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
Improper handling of the username leads to a …

[20201105] – Core – User Enumeration in backend login Read More »

[20201104] – Core – SQL injection in com_users list view

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions: 3.0.0-3.9.22
Exploit type: SQL Injection
Reported Date: 2020-10-13
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
Improper filter blacklist configuration leads t…

[20201104] – Core – SQL injection in com_users list view Read More »

[20201103] – Core – Path traversal in mod_random_image

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 2.5.0-3.9.22
Exploit type: Path traversal
Reported Date: 2020-10-06
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
The folder parameter of mod_random_image l…

[20201103] – Core – Path traversal in mod_random_image Read More »

[20201102] – Core – Disclosure of secrets in Global Configuration page

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 2.5.0-3.9.22
Exploit type: Information Disclosure
Reported Date: 2020-09-23
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
The globlal configuration page doe…

[20201102] – Core – Disclosure of secrets in Global Configuration page Read More »

[20201101] – Core – com_finder ignores access levels on autosuggest

Leave a Comment / Joomla / Tipper2010

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 2.5.0-3.9.22
Exploit type: Information Disclosure
Reported Date: 2020-06-21
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)

Description
The autosuggestion feature of com_…

[20201101] – Core – com_finder ignores access levels on autosuggest Read More »

How COVID-19 Could Shift Holiday Shopping Behaviors This Year [New Data]

Leave a Comment / Digital Marketing / Tipper2010

A person gives a gift they bought while holiday shopping online during the COVID-19 pandemic.

In 2020, B2C businesses all over the world pivoted their strategies as consumers dealt with the COVID-19 pandemic.

How COVID-19 Could Shift Holiday Shopping Behaviors This Year [New Data] Read More »

What Are Website Traffic Exchange Sites? (And Why You Shouldn’t Use Them)

Leave a Comment / Digital Marketing / Tipper2010

Traffic matters. The more traffic your website generates, the greater your chances of capturing visitor interest, encouraging user action and generating sales.

What Are Website Traffic Exchange Sites? (And Why You Shouldn’t Use Them) Read More »