Description

Joomla! Core is prone to a spam vulnerability. Exploiting this issue may allow attackers to send spam through the affected website. Joomla! Core version 1.6.0 is vulnerable.

Remediation

Update to Joomla! Core version 1.6.1 or latest

References

http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=24288

https://www.exploit-db.com/exploits/15979/

https://www.joomla.org/announcements/release-news/5350-joomla-161-released.html

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Compare PHP Object Injection (2.0.9)

WordPress Plugin WP Limit Login Attempts SQL Injection (2.0.0)

WordPress Plugin Social Auto Poster includes Backdoor [Only if downloaded via the vendor website] (2.1.3)

WordPress Plugin Gallery for Social Photo Unspecified Vulnerability (1.0.0.25)

WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)

Severity

High

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Tags

Missing Update