This is for educational purposes,
The author is not responsible for
any action done by you.
This vulnerability allows Joomla website to be hacked through the Media Manager. To exploit the vulnerability the attacker should find a Joomla website that allows access to the media manager to its registered users. Then he/she will register an account and use the vulnerability to upload a malicious shell script to this site through the Media Manager. After that the attacker can do pretty much anything – edit your files, access your database, delete information, etc.
How can this issue be stop?
--- watch this video2 Joomla Media Manager File Upload Vulnerability
The author is not responsible for
any action done by you.
Vulnerability Explained
This vulnerability allows Joomla website to be hacked through the Media Manager. To exploit the vulnerability the attacker should find a Joomla website that allows access to the media manager to its registered users. Then he/she will register an account and use the vulnerability to upload a malicious shell script to this site through the Media Manager. After that the attacker can do pretty much anything – edit your files, access your database, delete information, etc.
How can this issue be stop?
--- Applied a server level solution :: blocks the upload of malicious files through the Media Manager on a server level.
--- Upgrade your Joomla website to either 2.5 and 3.x
---- make sure to Patch your Joomla 1.5 ::: Joomla 1.5 is no longer officially supported, there was no upgrade available for it. However, the Joomla team has released a security patch that should be applied manually and patched all the old Joomla versions hosted.
--- watch this video1 Tutorial Upload Shell on Joomla CMS via Media Manager
--- watch this video1 Tutorial Upload Shell on Joomla CMS via Media Manager
--- watch this video2 Joomla Media Manager File Upload Vulnerability
No comments:
Post a Comment
NO LINK!!!!!!!!