GMapFP in the Joomla Vulnerable Extensions List
- webilicious
- Topic Author
- Visitor
8 years 7 months ago #4172
by webilicious
GMapFP in the Joomla Vulnerable Extensions List was created by webilicious
Hi,
Thanks for the free version of GMapFP which I love and have been using for a while on a client website.
I noticed that GMapFP J3.38F has been listed on the Vulnerable Extensions List at vel.joomla.org/live-vel/1829-gmapfp-j3-3...formation-disclosure
I am using version 9.44 on Joomla 2.5. Is this version also affected?
Is there anything I need to do to make the website secure?
Thanks,
Neil.
Thanks for the free version of GMapFP which I love and have been using for a while on a client website.
I noticed that GMapFP J3.38F has been listed on the Vulnerable Extensions List at vel.joomla.org/live-vel/1829-gmapfp-j3-3...formation-disclosure
I am using version 9.44 on Joomla 2.5. Is this version also affected?
Is there anything I need to do to make the website secure?
Thanks,
Neil.
Please Log in or Create an account to join the conversation.
8 years 7 months ago #4173
by gmapfp
Replied by gmapfp on topic GMapFP in the Joomla Vulnerable Extensions List
Hi,
There are not vulnerability !
The message of the JED is :
There are not vulnerability !
The message of the JED is :
A JED team member has sent you the following message
Hello,
your listing has been unpublished due to several issues.
1) VEL listing: https://vel.joomla.org/live-vel/1829-gmapfp-j3-38f-information-disclosure
2) inserting adsense into a form fundtion (admin cpanel)
3) linking to several sites owned by the developr that would appear not to be OSM compliant regarding name use two files affected are form.php and view.html.
Kind regards,
Luca
The following user(s) said Thank You: webilicious
Please Log in or Create an account to join the conversation.
- webilicious
- Topic Author
- Visitor
8 years 7 months ago #4175
by webilicious
Replied by webilicious on topic GMapFP in the Joomla Vulnerable Extensions List
Thanks for the clarification.
I'm still not sure why they have listed GMapFP in the VEL if it's not vulnerable!
If there was a genuine vulnerability I would expect more detail in the VEL listing but so far the listing is tagged with "Information Disclosure" and that is all.
I'm still not sure why they have listed GMapFP in the VEL if it's not vulnerable!
If there was a genuine vulnerability I would expect more detail in the VEL listing but so far the listing is tagged with "Information Disclosure" and that is all.
Please Log in or Create an account to join the conversation.
- caeos
- Visitor
8 years 6 months ago #4206
by caeos
Replied by caeos on topic GMapFP in the Joomla Vulnerable Extensions List
vel.joomla.org/live-vel/1835-gmapfp-3-39...cross-site-scripting
gmapfp,3.39f,XSS (Cross Site Scripting) Info disclosure, arbitrary fileupload
Please Log in or Create an account to join the conversation.
- drweb
- Visitor
8 years 6 months ago #4207
by drweb
Replied by drweb on topic GMapFP in the Joomla Vulnerable Extensions List
Please Log in or Create an account to join the conversation.
8 years 6 months ago #4208
by gmapfp
Replied by gmapfp on topic GMapFP in the Joomla Vulnerable Extensions List
Hi,
There are a potential vulnerability on the uploading of picture in the submission form and in admin.
I will solve it in the next days.
There are a potential vulnerability on the uploading of picture in the submission form and in admin.
I will solve it in the next days.
The following user(s) said Thank You: webilicious
Please Log in or Create an account to join the conversation.
Time to create page: 0.082 seconds