Wednesday, 16 December 2015 11:08
Modified: Tuesday, 29 June 2021 11:37

Upgrade Joomla Now - Security

You NEED to update your Joomla right now.

Remote command execution vulnerability was just found in Joomla.

The Joomla security team has released a new version of Joomla 3 to patch critical vulnerability that affects all versions from 1.5 to 3.4.

This is a very serious bug that is already wide known and can be easily exploited.

If you're using Joomla 3 - update it to version 3.4.6 immediately.

If you're using Joomla 1.5 or 2.5 - you need to update one file in order to make it secure.

The file to be patched is located in:


Step by step guide how to patch Joomla 1.5 and 2.5:

  • You can upload the .zip file to the root of your Joomla installation and then extract it directly there. The full path is in the .zip package.
  • Alternatively you can:
    1. extract the Joomla 1.5 or Joomla 2.5 patch on your disk (links are provided above in this post)
    2. login to your ftp server and navigate where Joomla is located
    3. browse to the /libraries/joomla/sessions/ folder
    4. replace your current session.php file with the new session.php file you extracted from the .zip.

If you have any questions or thoughts leave a comment!

How to secure Joomla