The Joomla! Project and Community is excited and proud to announce the immediate availability of Joomla! CMS 3.2.0 Stable. With literally dozens of new features including: Content version control Many user interface improvements Easy multi-lingual setup for 64
See other templatesSee other templates

Search: - For:

Getting Help

There are lots of places you can get help with Joomla!. In many places in your site...

The Joomla! Project

The Joomla Project consists of all of the people who make and support the Joomla Web Platform...

Using Joomla!

With Joomla you can create anything from a simple personal website to a complex ecommerce or social...

 

If this is your first Joomla! site or your first web site, you have come to the right place. Joomla will help you get your website up and running quickly and easily. Start off using your site by logging in using the administrator account you created when you installed Joomla. Explore the articles and other resources right here on your site data to learn more about how Joomla works.
Joomla! 3 continues development of the Joomla Platform and CMS as a powerful and flexible way to bring your vision of the web to reality. With the new administrator interface and adoption of Twitter Bootstrap, the ability to control its look and the management of extensions is now complete. Working with multiple template styles and overrides for the same views, creating the design you want is easier than it has ever been. Limiting support to PHP 5.3.10 and above makes Joomla lighter and faster than ever.

Joomla! Security News

  1. [20181005] - Core - CSRF hardening in com_installer

    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 2.5.0 through 3.8.12
    • Exploit type: CSRF
    • Reported Date: 2018-September-26
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17858

    Description

    Added additional CSRF hardening in com_installer actions in the backend.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Raviraj A. Powar
  2. [20181004] - Core - ACL Violation in com_users for the admin verification

    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 1.5.0 through 3.8.12
    • Exploit type: ACL Violation
    • Reported Date: 2017-December-27
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17855

    Description

    In case that an attacker gets access to the mail account of an user who can approve admin verifications in the registration process he can activate himself.

    Affected Installs

    Joomla! CMS versions 1.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Paul Freeman
  3. [20181003] - Core - Access level Violation in com_tags

    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 3.1.0 through 3.8.12
    • Exploit type: ACL Violation
    • Reported Date: 2018-June-20
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17857

    Description

    Inadequate checks on the tags search fields can lead to an access level violation.

    Affected Installs

    Joomla! CMS versions 3.1.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Андрей Капитанов
  4. [20181002] - Core - Inadequate default access level for com_joomlaupdate

    • Project: Joomla!
    • SubProject: CMS
    • Impact:High
    • Severity: Low
    • Versions: 2.5.4 through 3.8.12
    • Exploit type: Object Injection
    • Reported Date: 2018-June-21
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17856

    Description

    Joomla’s com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled access of Administrator-level users to access com_joomlaupdate and trigger a code execution.

    Affected Installs

    Joomla! CMS versions 2.5.4 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Codesafescan
  5. [20181001] - Core - Hardening com_contact contact form

    • Project: Joomla!
    • SubProject: CMS
    • Impact:Moderate
    • Severity: Low
    • Versions: 2.5.0 through 3.8.12
    • Exploit type: Incorrect Access Control
    • Reported Date: 2018-September-17
    • Fixed Date: 2018-October-02
    • CVE Number: CVE-2018-17859

    Description

    Inadequate checks in com_contact could allowed mail submission in disabled forms.

    Affected Installs

    Joomla! CMS versions 2.5.0 through 3.8.12

    Solution

    Upgrade to version 3.8.13

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: David Jardin (JSST)

Getting Help

There are lots of places you can get help with Joomla!. In many places in your site...

The Joomla! Project

The Joomla Project consists of all of the people who make and support the Joomla Web Platform...

Using Joomla!

With Joomla you can create anything from a simple personal website to a complex ecommerce or social...

  

If this is your first Joomla! site or your first web site, you have come to the right place. Joomla will help you get your website up and running quickly and easily. Start off using your site by logging in using the administrator account you created when you installed Joomla.

If you are an experienced Joomla! user, this Joomla site will seem very familiar but also very different. The biggest change is the new administrator interface and the adoption of responsive design. Hundreds of other improvements have been made. 

Joomla! 3 continues development of the Joomla Platform and CMS as a powerful and flexible way to bring your vision of the web to reality. With the new administrator interface and adoption of Twitter Bootstrap, the ability to control its look and the management of extensions is now complete.

Go to top
national cpr association