Filter by tag: joomla

RIPS becomes Joomla! Official Code Analysis Partner

5 min read 19 Jun 2018 by Fabian Langen
Joomla, one of the world’s most popular Content Management Systems (CMS), announced today its partnership with RIPS, the technology leader for PHP application security testing.

Joomla! 3.8.3: Privilege Escalation via SQL Injection

9 min read 6 Feb 2018 by Karim El Ouerghemmi
Joomla! is one of the biggest players in the market of content management systems and the second most used CMS on the web. RIPS discovered a second-order SQL injection (CVE-2018-6376) that attackers with lower permissions could use to escalate to full admin permissions on Joomla! prior to version 3.8.4.

Joomla! 3.7.5 - Takeover in 20 Seconds with LDAP Injection

11 min read 20 Sep 2017 by Robin Peraglie
With over 84 million downloads, Joomla! is one of the most popular content management systems. Our code analysis solution RIPS detected a previously unknown LDAP injection vulnerability in the login controller. This one vulnerability could allow remote attackers to leak the super user password and to fully take over any Joomla! <= 3.7.5 installation that uses LDAP for authentication.