Tags: Security, News, Joomla 1.5 on
Jan 11, 2009
Joomla has just released version 1.5.9 of its popular CMS. This one has codename Vatani, as I already predicted in my post about Joomla 1.5.8. Vatani means 'nine' in Yaqui (a native American language). It's important to know that this is a security release. You should always upgrade when there is a new release, but for a security release this is even more imporant. So don't postpone and start your update today.
There are 2 SQL injection vulnerabilities discovered in 2 different external Joomla Components. The first one is in the Nice Talk component. The second one in DS syndicate component. If you use any of these two components, make sure to get a security update from their owners as soon as possible.
I had a great weekend. On saturday evening my favorite football team lost bigtime. After that, I had a few to many beers, so I planned to have a lazy sunday...until I checked my email sunday morning. A kind user of Ulti Joomla warned me that the site was hacked. There are more pleasant things to read on a sunday morning. I was immediately fully awake and checked the site. I was lucky, because there was only minor damage. There was a new article created, titled 'HACKED BY...' and I couldn't login any more on the backend site. The damage could be worse, but this doesn't make the hacker a nice guy. I concider hackers as the vandals of the internet, so even if a vandal could have done more damage, he's still a vandal. I really don't understand why they do this. When I think of a hacker, I think about a kid with no real life friends who tries to piss off as many people as possible to get some attention.