Patch Security hole in mmsblog joomla component

  • Posted:
  • Proposals: 2
  • Remote
  • #23764
  • Archived
Eddie L.John H. have already sent a proposal.
  • 0


Experience Level: Intermediate
I have developped a website based on JOOMLA with different components.
One of these module is MMSBLOG (
Unfortunately, this module have a big security hole, and my website has been hacked through this hole last week ! At this time there is no update to patch this hole... however this component is really important for me because my client need to post news on the website through email with a satellite connection...
So I need to find a solution to secure this component and protect the website from hacking.

I have found this about the vulnerability of this component on the web :

DESCRIPTION: A vulnerability has been discovered in the MMS Blog component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the \"controller\" parameter in index.php (when \"option\" is set to \"com_mmsblog\") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

So, I\'m searching someone would could patch the hole or find a secure solution to protect my website.
Thanks, in advance,

New Proposal

Create an account now and send a proposal now to get this job.

Sign up

Clarification Board Ask a Question

    There are no clarification messages.