Joomla Extensions Demo

Support

Do not submit a bug report if you need technical support or have questions.

Forums

Post your suggestions ask for help in the community forums

Contact Me

Missing images/links, any comments, suggestions, need help? Contact me

Download

Skype

Need desperately help?
Skype Me™! But dont abuse of it!
You are here: Home Joomla Extensions SecurityImages Nasty Bug in SecurityImages 5.1.2

Nasty Bug in SecurityImages 5.1.2

software_bugs_dilbert

Thanks to Margus Pala, a security Flaw has been reported and corrected in SecurityImages version 5.1.2 and previous

The flaw is of moderate level, in register forms, spammers are able to register without solving the Captcha!

  • It affect only SecurityImages 5.x for Joomla! 1.5
  • SecurityImages 6.x for Joomla! 1.6 is not affected

In order to resolve this issue, you don’t have to install any new version of SecurityImages, you must either

  • Update your blog with the right version of the joomla! patches, the all end with Joomla_1.5.x-Stable-Full_PackageForSecurityImages5.y.z_v01.03.00

OR

  • Edit the file components\com_user\controller.php and remove the line 274 ($this->register())
if ($useSecurityImagesInRegister && !$this->checkSecurityImagesCaptcha()) {
  JError::raiseWarning('', JText::_('SECURITYIMAGES REJECT USER ENTRY'));  
  $this->register();
  return false;
}

These patches versions have the flaw

04/12/2008  Joomla_1.5.1-Stable-Full_PackageForSecurityImages5.0.0.zip
05/01/2008  Joomla_1.5.2-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
05/01/2008  Joomla_1.5.3-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
07/10/2008  Joomla_1.5.4-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
08/03/2008  Joomla_1.5.5-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
08/03/2008  Joomla_1.5.6-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
08/19/2008  Joomla_1.5.6-Stable-Full_PackageForSecurityImages5.1.0_v01.00.00.zip
09/13/2008  Joomla_1.5.7-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
09/20/2008  Joomla_1.5.7-Stable-Full_PackageForSecurityImages5.1.0_v01.00.00.zip
11/11/2008  Joomla_1.5.8-Stable-Full_PackageForSecurityImages5.0.0_v01.00.00.zip
01/19/2009  Joomla_1.5.8-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip
01/19/2009  Joomla_1.5.9-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip
03/28/2009  Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip
06/03/2009  Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.0_v01.01.00.zip
07/04/2009  Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip
07/26/2009  Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip
07/26/2009  Joomla_1.5.14-Stable-Full_PackageForSecurityImages5.1.x_v01.01.00.zip
09/11/2009  Joomla_1.5.14-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
11/09/2009  Joomla_1.5.15-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
04/24/2010  Joomla_1.5.16-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
04/24/2010  Joomla_1.5.17-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
09/12/2010  Joomla_1.5.18-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
04/24/2010  Joomla_1.5.20-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
01/09/2011  Joomla_1.5.21-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
01/09/2011  Joomla_1.5.22-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip
01/09/2011  Joomla_1.5.23-Stable-Full_PackageForSecurityImages5.1.x_v01.02.00.zip

You can download the updated versions in HERE or search the download section, type 1.5.23 for the patches for 1.5.23 for example

You might also like:
HOW to make your own patches for securityimages
1020 days ago
HOW to make your own patches for securityimages
Just in case I take too much time to deliver a ready to use download, duration 5 minutes, but you ne
Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.
1030 days ago
Joomla_1.5.13-Stable-Full_PackageForSecurityImages5.1.x_v01.
Only for SecurityImages 5.1.x and Joomla! 1.5.13 Allow login views, login modules, register, lost
Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.
1052 days ago
Joomla_1.5.12-Stable-Full_PackageForSecurityImages5.1.x_v01.
Only for SecurityImages 5.1.x and Joomla! 1.5.12 Allow login views, login modules, register, lost
SecurityImages 5.1.2 available
1052 days ago
SecurityImages 5.1.2 available
This version should improve installations on some host, where the plugin securityimages.php did no
Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.1.zip
1083 days ago
Joomla_1.5.11-Stable-Full_PackageForSecurityImages5.1.1.zip
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.11 Since
Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.1.zip
1150 days ago
Joomla_1.5.10-Stable-Full_PackageForSecurityImages5.1.1.zip
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.10 Since
SecurityImages 5.2.0 in active development
1196 days ago
SecurityImages 5.2.0 in active development
Following the Preview of SecurityImages 5.2.0, I am currently developing a proof of concept using th
New patches for Joomla 1.5.9 and Joomla 1.5.8
1218 days ago
New patches for Joomla 1.5.9 and Joomla 1.5.8
Some people have reported issue in the forum I've found the error in my code in some views but not
blog comments powered by Disqus
Category: SecurityImages
Published Date
Written by Administrator
Hits: 1555
  • Print

Donations

Thank You for supporting my work
Subscribe to me on YouTube

Latest Articles

  • Joomla Mootools and jQuery Compatibility
    Joomla Mootools and ...
    In this series of post I will outline some common techniques to help Joomla extensions development. As you know Jooml... ...
  • cedTag 2.5.3 for J2.5 Released
    cedTag 2.5.3 for J2....
    CedTag  has been updated to version 2.5.3 and correct a lot of bugs and contains some nice features. CedTag is t... ...
  • cedThumbnails 2.5.5 for J2.5 Released
    cedThumbnails 2.5.5 ...
    CedThumbnails has been updated to version 2.5.5 and contains 1 new features for both Joomla 1.7 and Joomla 2.5. For ex... ...
  • cedSmugmug 2.5.2 for J2.5 Released
    cedSmugmug 2.5.2 for...
    CedSmugmug  has been updated to version 2.5.2 and correct some bugs and contains some nice features. CedSmugmug&... ...
  • Dropbox Dropquest chapter 1
    Dropbox Dropquest ch...
    If you want an extra gigabyte of storage on your Dropbox account, the online cloud service invites you to compete in i... ...

Subscribe

Latest Comments

Popular Posts

  • Media Center with XBMC
    Media Center with XB...
    HowTo transform your xBox into a Media Center with XBMCXboxMediaCenter is a free open source (GPL) multimedia player for...
  • 404
    404
    SORRY - 404 File Not Found Error The page you were looking for appears to have been moved, deleted or does not exis...
  • Dumb as ... a pitbull
    Dumb as ... a pitbul...
    African Porcupine against a bull terrier, the bull terrier was not smart enough to stop, and guess how it now look li...
  • Add a harddisk led to Your XBOX
    Add a harddisk led t...
    Add a led to your Xbox to see hard disk activity This mod is quite risky, especially if youcan not solder with precis...
  • Do it Yourself: change your PS3 optical lens
    Do it Yourself: chan...
    Guide how to replace PS3 Laser Lens           version 1.0 Attent...

Feeds

rockettheme advertisement

dropbox logo

My OSS Projects at

Help Us & Leave Feedback!

  • Do you have an excellent article idea you would like to read about here? Share it!
  • Do you have some interesting tips how we could improve our site?
  • Something missing here? Help us make this blog a better place, leave feedback!
We would love to hear from you! Be active! Write us now!

Recommended Site