Website Redirecting to Spammy Websites

Discussion regarding Joomla! 3.x security issues.

bgareth2
Joomla! Apprentice
Posts: 35
Joined: Tue May 31, 2011 3:08 pm

Website Redirecting to Spammy Websites

Post by bgareth2 » Sat Apr 27, 2019 6:05 am

Hi, I have had a read of several pages of instructions relating to posting here. The issue for me is that I have checked all of my custom extensions against the Joomla VEL and drawn a blank. If I can't pin down how my website got hacked in the first place, I can't avoid it happening again. I get the logic about replacing Joomla files with fresh files but I also don't understand how this would resolve a potential SQL attack or indeed how to check for a SQL injection. I regularly update my website and extensions (where extension updates are available). I have run the FPA: Many thanks..
Forum Post Assistant (v1.4.8 (koine)) : 27th April 2019
Problem Description :: Redirect Hack
Log/Error Message :: Redirecting to dodgy websites
Actions Taken To Resolve :: Researched online and hit the Joomla Security Forum!
Basic Environment :: Joomla! Instance :: Joomla! 3.9.5-Stable (Amani) 9-April-2019
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Writable (644) | Owner: --protected-- . (uid: 1/gid: 1) | Group: --protected-- (gid: 1) | Valid For: 3.9
Configuration Options :: Offline: false | SEF: false | SEF Suffix: false | SEF ReWrite: false | .htaccess/web.config: No | GZip: false | Cache: false | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: false | FTP Layer: false | Proxy: false | LiveSite: | Session lifetime: 2000000 | Session handler: database | Shared sessions: N/A | SSL: 0 | Error Reporting: default | Site Debug: false | Language Debug: false | Default Access: 1 | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 3.9.5: Yes | Database Supports J! 3.9.5: Yes | Database Credentials Present: Yes |

Host Configuration :: OS: Linux | OS Version: 4.9.0-8-amd64 | Technology: x86_64 | Web Server: Apache/2.4.25 (Debian) | Encoding: gzip, deflate | Doc Root: --protected-- | System TMP Writable: Yes | Free Disk Space : 80.75 GiB |

PHP Configuration :: Version: 7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: | Error Reporting: 22527 | Log Errors To: | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: /var/www/clients/client2/web9/web:/var/www/clients/client2/web9/private:/var/www/clients/client2/web9/tmp:/var/www/gbglaw.org.uk/web:/srv/www/gbglaw.org.uk/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom | Uploads: 1 | Max. Upload Size: 2M | Max. POST Size: 8M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 128M

Database Configuration :: Version: 5.5.5-10.1.37-MariaDB-0+deb9u1 (Client:mysqlnd 5.0.12-dev - 20150407 - $Id: 38fea24f2847fa7519001be390c98ae0acafe387 $) | Host: --protected-- (--protected--) | default Collation: utf8mb4_general_ci (default Character Set: utf8mb4) | Database Size: 115.90 MiB | #of Tables:  115
Detailed Environment :: wrote:PHP Extensions :: Core (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | date (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | libxml (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | openssl (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | pcre (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | zlib (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | filter (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | hash (1.0) | pcntl (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | Reflection (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | SPL (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sodium (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | session (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | standard (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | cgi-fcgi () | mysqlnd (mysqlnd 5.0.12-dev - 20150407 - $Id: 38fea24f2847fa7519001be390c98ae0acafe387 $) | PDO (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | xml (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | apcu (5.1.17) | bz2 (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | calendar (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | ctype (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | curl (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | dom (20031129) | mbstring (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | fileinfo (1.0.5) | ftp (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | gd (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | gettext (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | iconv (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | igbinary (2.0.8) | imagick (3.4.3) | imap (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | intl (1.1.0) | json (1.6.0) | exif (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | memcache (3.0.9-dev) | msgpack (2.0.3) | mysqli (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | pdo_mysql (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | pdo_sqlite 
(7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | apc (5.1.17) | posix (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | pspell (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | readline (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | recode (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | shmop (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | SimpleXML (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | soap (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sockets (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sqlite3 (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sysvmsg (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sysvsem (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | sysvshm (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | tidy (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | tokenizer (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | wddx (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | xmlreader (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | xmlrpc (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | xmlwriter (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | xsl (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | zip (1.15.4) | Phar (2.0.2) | memcached (3.1.3) | Zend OPcache (7.2.14-1+0~20190113100742.14+stretch~1.gbpd83c69) | Zend Engine (3.2.0) |
Potential Missing Extensions ::
Disabled Functions :: pcntl_alarm | pcntl_fork | pcntl_waitpid | pcntl_wait | pcntl_wifexited | pcntl_wifstopped | pcntl_wifsignaled | pcntl_wifcontinued | pcntl_wexitstatus | pcntl_wtermsig | pcntl_wstopsig | pcntl_signal | pcntl_signal_get_handler | pcntl_signal_dispatch | pcntl_get_last_error | pcntl_strerror | pcntl_sigprocmask | pcntl_sigwaitinfo | pcntl_sigtimedwait | pcntl_exec | pcntl_getpriority | pcntl_setpriority | pcntl_async_signals | |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) | administrator/logs/ (---) |

Elevated Permissions (First 10) :: forum/cache/ (777) | forum/files/ (777) | forum/images/avatars/upload/ (777) | forum/store/ (777) | roofdatabase2/sites/default/files/ (775) | roofdatabase2/sites/default/files/php/ (777) | roofdatabase2/sites/default/files/php/twig/ (777) | roofdatabase2/sites/default/files/php/twig/5c3bcf1e27922_block--system-branding-bl_72GkZTYHvldCdMcY-Fr9WtVSZ/ (777) | roofdatabase2/sites/default/files/php/twig/5c3bcf1e27922_menu.html.twig_6_49nUJrABYdgsuH1VhK8sIfM/ (777) | workflow/caseman/cc_docs/ (777) |
Database Information :: Database statistics :: Uptime: 11378 | Threads: 5 | Questions: 83119 | Slow queries: 0 | Opens: 116465 | Flush tables: 1 | Open tables: 2000 | Queries per second avg: 7.305 |
Extensions Discovered :: Components :: SITE ::
Core :: com_wrapper (3.0.0) 1 | com_mailto (3.0.0) 1 |
3rd Party::

Components :: ADMIN ::
Core :: com_actionlogs (3.9.0) 1 | com_plugins (3.0.0) 1 | com_messages (3.0.0) 1 | com_search (3.0.0) 1 | com_languages (3.0.0) 1 | com_associations (3.7.0) 1 | com_cpanel (3.0.0) 1 | com_tags (3.1.0) 1 | com_config (3.0.0) 1 | com_redirect (3.0.0) 1 | com_admin (3.0.0) 1 | com_categories (3.0.0) 1 | com_cache (3.0.0) 1 | com_login (3.0.0) 1 | com_postinstall (3.2.0) 1 | com_fields (3.7.0) 1 | com_banners (3.0.0) 1 | com_newsfeeds (3.0.0) 1 | com_ajax (3.2.0) 1 | com_users (3.0.0) 1 | com_privacy (3.9.0) 1 | com_joomlaupdate (3.6.2) 1 | com_media (3.0.0) 1 | com_content (3.0.0) 1 | com_finder (3.0.0) 1 | com_checkin (3.0.0) 1 | com_templates (3.0.0) 1 | com_menus (3.0.0) 1 | com_modules (3.0.0) 1 | com_contenthistory (3.2.0) 1 | com_installer (3.0.0) 1 |
3rd Party:: Akeeba (6.0.1) 1 | Simplified Social Share (5.1) 1 | COM_MIJOSQL (1.1.1) 1 | com_gantry5 (5.4.28) 1 | com_faqftw (1.3.0) 1 | uddeIM (3.9) 1 | com_chronoforms5 (5.0.17) 1 |

Modules :: SITE ::
Core :: mod_tags_similar (3.1.0) 1 | mod_users_latest (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_wrapper (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_search (3.0.0) 1 | mod_finder (3.0.0) 1 | mod_tags_popular (3.1.0) 1 | mod_syndicate (3.0.0) 1 | mod_articles_categories (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_articles_archive (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_whosonline (3.0.0) 1 |
3rd Party:: Art News Ticker (1.3.0) 1 | mod_sbahjaoui_news (1.3) 0 | Advanced Custom Facebook Likebox Wi (2.0.2) ? | Cinch Menu (1.8) 1 | MarqueeAholic (1.4.9) 1 | mod_eprivacy (2.14) 1 | RokAjaxSearch (2.0.6) 1 | ChronoForms5 (V5 RC1.2) 1 | Ordasoft Social Comments and Sharin (2.0 FREE) ? | Menu Accordeon CK (2.2.1) 1 | Social Media Links Genius (1.001) 1 | CookiesAccept (1.3) 1 | POWr Twitter Feed (3.0) 1 | Clean Nivo Slider (1.0) 1 | mod_gantry5_particle (5.4.28) 1 |

Modules :: ADMIN ::
Core :: mod_status (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_quickicon (3.0.0) 1 | mod_title (3.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_latest (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_submenu (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_version (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_stats_admin (3.0.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_logged (3.0.0) 1 | mod_popular (3.0.0) 1 |
3rd Party:: mod_switcheditor (1.0.1) 1 |

Libraries :: SITE ::
Core ::
3rd Party:: FOF30 (3.1.2) 1 | Regular Labs Library (19.3.16030) 1 |

Plugins :: SITE ::
Core :: plg_search_newsfeeds (3.0.0) 1 | plg_search_tags (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_categories (3.0.0) 1 | plg_captcha_recaptcha (3.4.0) 0 | plg_captcha_recaptcha_invisible (3.8) 0 | PLG_INSTALLER_FOLDERINSTALLER (3.6.0) 1 | plg_installer_webinstaller (2.0.1) 1 | plg_installer_packageinstaller (3.6.0) 1 | PLG_INSTALLER_URLINSTALLER (3.6.0) 1 | plg_twofactorauth_totp (3.2.0) 0 | plg_twofactorauth_yubikey (3.2.0) 0 | plg_system_privacyconsent (3.9.0) 0 | plg_system_languagefilter (3.0.0) 0 | plg_system_highlight (3.0.0) 1 | plg_system_redirect (3.0.0) 0 | plg_system_sessiongc (3.8.6) 1 | plg_system_p3p (3.0.0) 0 | plg_system_remember (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | PLG_SYSTEM_ACTIONLOGS (3.9.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_cache (3.0.0) 0 | plg_system_languagecode (3.0.0) 0 | plg_system_debug (3.0.0) 1 | plg_system_sef (3.0.0) 1 | plg_system_stats (3.5.0) 1 | plg_system_log (3.0.0) 1 | plg_system_updatenotification (3.5.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_categories (3.0.0) 1 | plg_extension_joomla (3.0.0) 1 | plg_fields_textarea (3.7.0) 1 | plg_fields_url (3.7.0) 1 | plg_fields_list (3.7.0) 1 | plg_fields_repeatable (3.9.0) 1 | plg_fields_editor (3.7.0) 1 | plg_fields_media (3.7.0) 1 | plg_fields_color (3.7.0) 1 | plg_fields_checkboxes (3.7.0) 1 | plg_fields_sql (3.7.0) 1 | plg_fields_calendar (3.7.0) 1 | plg_fields_usergrouplist (3.7.0) 1 | plg_fields_radio (3.7.0) 1 | plg_fields_imagelist (3.7.0) 1 | plg_fields_integer (3.7.0) 1 | plg_fields_user (3.7.0) 1 | plg_fields_text (3.7.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_content_joomla (3.0.0) 1 | plg_content_finder (3.0.0) 1 | plg_content_emailcloak (3.0.0) 1 | 
plg_content_loadmodule (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_vote (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_confirmconsent (3.9.0) 0 | plg_content_pagenavigation (3.0.0) 1 | PLG_ACTIONLOG_JOOMLA (3.9.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 1 | plg_quickicon_privacycheck (3.9.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_user_joomla (3.0.0) 1 | plg_user_terms (3.9.0) 0 | plg_user_profile (3.0.0) 0 | plg_user_contactcreator (3.0.0) 0 | plg_editors-xtd_module (3.5.0) 1 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_article (3.0.0) 0 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_editors-xtd_menu (3.7.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_gmail (3.0.0) 0 |
3rd Party:: plg_search_content_improved (1.0.0) 0 | Search - FAQ FTW FAQs Search (1.0.0) 1 | PLG_SYS_EPRIVACY (2.14) 0 | PLG_SYSTEM_BACKUPONUPDATE_TITLE (3.7) 0 | plg_sys_topofthepage (2.0) 1 | manage.myJoomla.com Secure Plugin (n/a) 0 | PLG_SYSTEM_AKEEBAUPDATECHECK_TITLE (1.1) 0 | plg_system_switcheditor (1.0.1) 1 | plg_system_regularlabs (19.3.16030) 1 | plg_system_articlesanywhere (9.1.1) 1 | plg_system_gantry5 (5.4.28) 1 | Simplified Social Share (5.1) 1 | Chronoforms5 (V5.0) 1 | POWr Shortcodes (3.0) 1 | Content - Fast Social Share (1.8) 1 | plg_editors_codemirror (5.40.0) 1 | plg_editors_tinymce (4.5.9) 1 | plg_quickicon_akeebabackup (1.0) 1 | plg_quickicon_gantry5 (5.4.28) 1 | POWr Icon (1.0) 1 | plg_editors-xtd_articlesanywhere (9.1.1) 1 | plg_gantry5_preset (5.4.28) 1 |
Templates Discovered :: Templates :: SITE :: protostar (1.0) 1 | Qualify (3) 0 | beez3 (3.1.0) 1 | g5_hydrogen (5.4.28) 1 |
Templates :: ADMIN :: isis (1.0) 1 | hathor (3.0.0) 1 |

toivo
Joomla! Master
Posts: 11195
Joined: Thu Feb 15, 2007 5:48 am
Location: Suzhou, China

Re: Website Redirecting to Spammy Websites

Post by toivo » Sat Apr 27, 2019 6:43 am

There are several folders listed under Elevated Permissions. Those folders are world writable, which is a security risk.

The site should use at least the standard .htaccess file that is installed with Joomla as htaccess.txt. That would block out some common exploits.

BTW, Max. Upload Size: 2M and Max. POST Size: 8M are too small, suggest 20M.
Toivo Talikka, Global Moderator

bgareth2
Joomla! Apprentice
Posts: 35
Joined: Tue May 31, 2011 3:08 pm

Re: Website Redirecting to Spammy Websites

Post by bgareth2 » Sat Apr 27, 2019 7:38 am

Sure, thank you for the quick reply and observation there - these are not files that I have changed or, as far as I can see, required changing. In the case of Twig, I could very easily be wrong but I thought that, as templating actually relies on standards that are broadcast, the permissions would need to reflect this (somehow). A really rubbish explanation of my thinking I know? The elevated files you talk of more widely relate to three other systems installed on the wider domain including a test Drupal install, PHP BB forum and a test case management system.

The issue that I currently have is that visitors are redirected from the public-facing website (running the latest Joomla) to spammy websites. Is there anywhere to start to pin the particular issue down rather than stabbing in the dark? Also is there any way of searching the Joomla database for any evidence of SQL injection? Please bear in mind I have done a search for vulnerable extensions. An example of a spammy website is [http]://[ww1].4joomla.org/ ---> DO NOT VISIT THIS PLEASE!! Is anybody familiar with this destination being involved with other specific hacks and could it shed any light please?

Thanks again :)

AMurray
Joomla! Virtuoso
Posts: 4869
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Website Redirecting to Spammy Websites

Post by AMurray » Sat Apr 27, 2019 10:49 pm

Just adding to the discussion in passing.....no application I've used has ever used any permission setting other than 755 / 644 (and 444 for the configuration file).

I'd take @toivo's advice, and tighten up that security; if some application requires more relaxed settings, then I would say you need to review / reconsider your use of it.

The FPA in any case, should only be reporting on Joomla files, not Drupal or PHPBB or anything else.
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.
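
An added example (not part of any post in this thread, and not Joomla or FPA code) of the check the two replies above call for: it walks a site root and reports every directory or file looser than the 755 / 644 / 444 baseline, which is useful here because the FPA line only lists the first 10 elevated entries. The function name and the command-line usage are assumptions.

```python
import os
import stat
import sys

# Baseline quoted in the thread: 755 directories, 644 files, 444 configuration file.
DIR_MODE, FILE_MODE, CONFIG_MODE = 0o755, 0o644, 0o444
CONFIG_NAME = "configuration.php"  # Joomla configuration file in the site root


def audit_permissions(root):
    """Return (relative_path, octal_mode, reason) for every entry looser than baseline."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()  # deterministic traversal order
        for name in dirnames + sorted(filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # skip symlinks: their own mode bits are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            if stat.S_ISDIR(st.st_mode):
                expected = DIR_MODE
            elif dirpath == root and name == CONFIG_NAME:
                expected = CONFIG_MODE
            else:
                expected = FILE_MODE
            if mode & stat.S_IWOTH:
                reason = "world-writable"
            elif mode & stat.S_IWGRP:
                reason = "group-writable"
            elif mode & ~expected:
                reason = f"looser than {expected:03o} baseline"
            else:
                continue
            rel = os.path.relpath(path, root)
            findings.append((rel, f"{mode:03o}", reason))
    return findings


if __name__ == "__main__":
    # Assumed usage: python audit_permissions.py /path/to/site/root
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, mode, reason in audit_permissions(target):
        print(f"{mode}  {reason:<28}  {rel}")
```

Run it against the whole document root rather than only the Joomla folder, since the elevated paths in the report belong to other applications on the same domain.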

AMurray
Joomla! Virtuoso
Posts: 4869
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Website Redirecting to Spammy Websites

Post by AMurray » Sat Apr 27, 2019 10:59 pm

Ensuring all those third-party extensions are as up to date as possible would be a good first step too.

Two examples of out-of-date third party extensions that I can identify from your FPA Report as provided:

1) FPA reports Akeeba Backup v6.0.1 but the current version is v6.4.2.1

2) FPA reports ChronoForms v5.0.17, the current version is v6.0.26

I'd suggest doing an audit of your third-party extensions and obtaining updates for all of them, and also ensuring they are extensions that use the Joomla update system (so you are notified of updates available).
Regards,
--------------------------------------------------------------
A Murray
Millennium Falcon - it's the ship that made the Kessel run in less than 12 parsecs! The fastest hunk of junk in the galaxy.
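
An added example (not from any poster, and not part of the FPA tool) of the extension audit suggested above: it parses a "3rd Party::" line from an FPA report into an inventory and compares it with a table of current versions. The sample line is copied from the report in this thread, the two current versions are the ones quoted in the post above, and all function names are assumptions; the trailing 1 / 0 / ? flag is kept exactly as FPA reports it.

```python
import re

# One entry in an FPA extension list has the shape "Name (version) flag".
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<version>[^()]*)\) (?P<flag>[01?])$")

# Sample input: the ADMIN components "3rd Party" line from the report in this thread.
FPA_COMPONENTS = ("3rd Party:: Akeeba (6.0.1) 1 | Simplified Social Share (5.1) 1 | "
                  "COM_MIJOSQL (1.1.1) 1 | com_gantry5 (5.4.28) 1 | com_faqftw (1.3.0) 1 | "
                  "uddeIM (3.9) 1 | com_chronoforms5 (5.0.17) 1 |")

# Current versions as quoted in the post above; extend from each vendor's release page.
CURRENT = {"Akeeba": "6.4.2.1", "com_chronoforms5": "6.0.26"}


def parse_fpa_extensions(line):
    """Split one FPA extension line into (name, version, flag) tuples."""
    _, _, body = line.partition("::")
    entries = []
    for item in body.split("|"):
        match = ENTRY.match(item.strip())
        if match:
            entries.append((match["name"], match["version"], match["flag"]))
    return entries


def version_key(text):
    """Numeric tuple for dotted versions; None for values like 'n/a' or 'V5 RC1.2'."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def check_versions(entries, current):
    """Return (outdated, unchecked): entries behind `current`, and names needing a manual look."""
    outdated, unchecked = [], []
    for name, version, _flag in entries:
        installed = version_key(version)
        latest = version_key(current.get(name, ""))
        if installed is None or latest is None:
            unchecked.append(name)
        elif installed < latest:
            outdated.append((name, version, current[name]))
    return outdated, unchecked


if __name__ == "__main__":
    outdated, unchecked = check_versions(parse_fpa_extensions(FPA_COMPONENTS), CURRENT)
    for name, installed, latest in outdated:
        print(f"OUTDATED  {name}: {installed} -> {latest}")
    for name in unchecked:
        print(f"CHECK     {name}: no comparable current version on record")
```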

