Ah Damnit, I've got 2 Joomla shops active at the minute... Time to get patching (again!). Normally I check for updates at the beginning of every month, but time to make an exception.
Joomla patches critical core shop-pwning flaw
Popular content management system (CMS) Joomla has pushed three patches, including a critical fix for SQL injection vulnerabilities that allow attackers to become admins on most customer websites. The team issued fix 3.4.5 addressing the SQLi vulnerabilities (CVE-2015-7297, CVE-2015-7857, CVE-2015-7858) which exist in version …
COMMENTS
-
-
Friday 23rd October 2015 12:00 GMT nedge2k
You really shouldn't be running two online shops with practices like that. You're begging to be hacked. I hope to god you at least re-located the admin logins and moved the config out of the web root when you set the sites up (unless of course recent Joomlas do that for you - not used it since 1.5x)