Menu
  1. Forum
  3. Securitycheck Pro
  5. Bug report
  7. Vulnerabilities database

Topic-icon Vulnerabilities database

  • jhvanee
  • jhvanee's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
1 year 2 months ago - 1 year 2 months ago #7524 by jhvanee
Vulnerabilities database was created by jhvanee
It's not realy a bug, but according to the database Huge IT Slider Component version 1.1.0 is vulnerable. However, according to joomla data, this version is not vulnerable.
"Huge IT Slider,1.0.9,SQL Injection Resolution: update to 1.1.0 update notice: huge-it.com/joomla-extensions-security-notice/"
Last edit: 1 year 2 months ago by jhvanee.

Please Log in or Create an account to join the conversation.

More
1 year 2 months ago #7525 by Jose
Replied by Jose on topic Vulnerabilities database
Hi jhvanee,

I didn't test it, but I followed this notice:
packetstormsecurity.com/files/138076/Hug...S-SQL-Injection.html

Please, take note that I also check other sources to contruct the database, so there could be differences between Joomla data and mine.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • jhvanee
  • jhvanee's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
1 year 2 months ago - 1 year 2 months ago #7526 by jhvanee
Replied by jhvanee on topic Vulnerabilities database
Jose, thanks for your quick reply.
The info on packetstormsecurity.com/files/138076/Hug...S-SQL-Injection.html concerns version 1.0.9
Due to the vulnerability, an update has been made to version 1.1.0. It would be safe again. At least I understand this from this info and the information from Joomla ;)

Regards,
Harry
Last edit: 1 year 2 months ago by jhvanee.

Please Log in or Create an account to join the conversation.

More
1 year 2 months ago #7527 by Jose
Replied by Jose on topic Vulnerabilities database
You're welcome Harry!

Due to the vulnerability, an update has been made to version 1.1.0. It would be safe again. At least I understand this from this info and the information from Joomla

Yes, having a version upper to 1.0.9 will keep you safe.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • jhvanee
  • jhvanee's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
1 year 2 months ago #7528 by jhvanee
Replied by jhvanee on topic Vulnerabilities database
Thank you, but isn't it strange that SCP indicates that version 1.1.0 is vulnerable? Sorry to insist that way.
The following user(s) said Thank You: Jose

Please Log in or Create an account to join the conversation.

More
1 year 2 months ago #7529 by Jose
Replied by Jose on topic Vulnerabilities database
Hi Harry,

Sorry for the delay.

You're right: there was a duplicate entry for Huge IT saying that 1.1.0 version was vulnerable. I have removed it and it will be fine in the next update.

Thank you very much for reporting this!

Regards,
Jose

Please Log in or Create an account to join the conversation.

  1. Forum
  3. Securitycheck Pro
  5. Bug report
  7. Vulnerabilities database
Time to create page: 0.100 seconds
Powered by Kunena Forum

In order to provide you with the best online experience this website uses cookies.

By using our website, you agree to our use of cookies.

I agree

Login or Sign In