Andres, On May 28, 2009, at 2:12 PM, Andres Riancho wrote:
> mOses, > > On Wed, May 27, 2009 at 11:37 PM, mOses > <[email protected]> wrote: >> The Joomla File is 6MB in size. It's actually called: >> >> Joomla_1.5.4-Stable-Full_Package.zip >> >> I think you might be able to find it somehow on their website. > Here is the link from their code site: http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=3786 or direct link: http://joomlacode.org/gf/download/frsrelease/7926/28543/Joomla_1.5.4-Stable-Full_Package.zip This version of the application has the vulnerability which was fixed in October. > Could you point me to it? > > PS: Please answer inline. Top posting is rude. > http://en.wikipedia.org/wiki/Top-posting#Top-posting > My apologies mosesRENEGADE >> m. >> >> On May 27, 2009, at 7:22 PM, Andres Riancho wrote: >> >>> moses, >>> >>> On Wed, May 27, 2009 at 2:14 PM, mOses >>> <[email protected]> >>> wrote: >>>> >>>> While we are on the subject of moth, in my test vm's I use Joomla! >>>> 1.5.4 and newer. 1.5.4 had a very bad bug that allowed for the >>>> admin >>>> user to have his password reset. >>>> >>>> http://www.milw0rm.com/exploits/6234 >>>> >>>> Do you think its a good idea to include a CMS in the application, >>>> if >>>> so do you want me to send you a copy since its such a pain to find >>>> older builds of this application on their site? >>> >>> How big is that file? >>> >>> Cheers, >>>> >>>> M >>>> >>>> >>>> >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
