Joomla! is one of the biggest players in the market of content management systems. Its easy installation, usage, and extensibility make it the second most used CMS on the web next to WordPress1. Last year, our PHP static code analysis solution unveiled a rare LDAP injection vulnerability within the 500,000 lines of Joomla! code. This LDAP injection vulnerability, explained in our previous blog post, allowed attackers to fully take over Joomla! <= v3.7.5 installations that rely on LDAP for authentication.
Recent updates to our analysis engine lead to the discovery of a new vulnerability in the Joomla! core affecting versions prior to 3.8.4. RIPS discovered a second-order SQL injection that could be used by attackers to leverage lower permissions and to escalate them into full admin permissions. This previously unknown vulnerability was disclosed to the Joomla! security team who released a security fix on the 30th of January 2018.Read More
With over 84 million downloads, Joomla! is one of the most popular content management systems in the World Wide Web. It powers about 3.3% of all websites’ content and articles. Our code analysis solution RIPS detected a previously unknown LDAP injection vulnerability in the login controller. This one vulnerability could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any Joomla! <= 3.7.5 installation within seconds that uses LDAP for authentication. Joomla! has fixed the vulnerability in the latest version 3.8.Read More