Page 1 of 1
[UPGRADE AVAIL.] Joomla Colophon
Posted: Mon Jul 31, 2006 1:26 pm
by Elpie
Remote file inclusion in admin.colophon.php. Vulnerable version = 1.2, other versions may also be affected.
Re: Joomla Colophon
Posted: Mon Jul 31, 2006 1:48 pm
by brian
Re: Joomla Colophon
Posted: Mon Jul 31, 2006 2:16 pm
by infograf768
Changed ttle to reflect Secunia advisory.
Developper's site has beed defaced btw:
http://www.sirjoe.it/components/com_jd- ... k.php?p=77
Re: Joomla Colophon
Posted: Tue Aug 01, 2006 6:15 am
by RobS
Thanks, adding to the list.
Re: Joomla Colophon
Posted: Wed Aug 02, 2006 11:15 pm
by elmoch
You can use
JM-Credits instead of Colophon.
JM-Credits doesn't have that vulnerability and is much more configurable than Colophon.
I hope you like it!
Re: Joomla Colophon
Posted: Thu Aug 03, 2006 6:11 am
by infograf768
JM is MY trademark (short for Jean-Marie)
(just a French joke, totally OT)
Re: [ABANDONED] Joomla Colophon
Posted: Tue Aug 29, 2006 11:33 pm
by kaizen
Colophon is now in version 1.3.1 which includes fixes for the vulnerabiilities listed as well as some other updates. Site, which was NEVER 'defaced' BTW, is now back up and is in the process of being fully restored.
I have not abandoned this project or the other works at SchoolastechWorks, which include BadWords2 and I hope to get back on my feet after a extremely trying string of personal hardships and two tragic losses.
I'd appreciate it if the mods would update the listing as appropriate.