For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Joomla! SQL Injection Vulnerability

Recently, details about three serious CVE vulnerabilities in the Joomla CMS platform were released to the public (CVE-2015-7297, CVE-2015-7857, CVE-2015-7858). These CVE’s were discovered by Trustwa...
Updated Jun 23, 2022
Version 2.0
ASM Advanced WAF
attack signatures
cms
cve-2015-7297
cve-2015-7857
cve-2015-7858
joomla
security
sql injection
warburtr0n's avatar
warburtr0n
Icon for Employee rankEmployee
Nov 08, 2015
Worth also noting that, whilst not yet 100% verified, it seems that the default crypto is incredibly insecure. If you're not already performing SSL termination on BIG-IP you should be. http://www.openwall.com/lists/oss-security/2015/11/08/1