Internet Software

Joomla! Ensures Website Security with Acunetix Web Vulnerability Scanner

Acunetix Nov 21, 2006


26 October, 2006

Acunetix WVS audits Joomla! site for SQL Injection, XSS and other vulnerabilities

Joomla!, an award-winning, open-source content management system, uses Acunetix Web Vulnerability Scanner to automatically audit its PHP-based website. Acunetix WVS scans the site for SQL injection, cross-site scripting and other vulnerabilities, thereby averting possible hacker attacks.

The need for an automated security auditing tool The Joomla! Core Team Quality & Testing Working Group's mission is to help improve the quality, stability and security of the Joomla! Core Code, through continuous rigorous testing and quality reporting. The extensive PHP-based Joomla! Core Code was, until recently, tested manually. "Performing a manual security audit each time we released a new version would take up too many hours and resources. Manual auditing is highly complex and it means that you have to keep track of considerable volumes of code as well as the latest techniques being used by hackers. Finding an automated solution was, therefore, essential," said Mr. Muilwijk, member of the Quality and Testing Team.

Vulnerabilities discovered using Acunetix WVS Using Acunetix Web Vulnerability Scanner, the developers at Joomla! were able to find high-risk SQL Injection vulnerabilities in no time. "The issues detected were of a major impact, if users/hackers would have found the security holes, they could have hacked an entire Joomla! site," said Mr. Muilwijk. Besides SQL Injection vulnerabilities, the software detected some low-level vulnerabilities related to the web server setup.

Fixing the bugs
"With Acunetix WVS, our developers were able to spot the vulnerabilities immediately and the issues were fixed quite easily," said Mr. Muilwijk "It was just a matter of using correct PHP standards and other practices such as input filtering. We ran the scans a few times on every new release, to ensure we did not miss any new issues after changing the core code. With Acunetix WVS we were able to improve the quality, stability and security of Joomla!"

The full case study can be viewed at: www.acunetix.com/vulnerability-scanner/cs_joomla.htm

About Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner ensures website security by automatically checking for SQL injection, Cross site scripting and other vulnerabilities. Furthermore, Acunetix protects against the embedding of Javascript malware in a web-page through its JavaScript Analyzer. Such protection secures all AJAX applications. Acunetix WVS also checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist.

Acunetix provides free audit to help companies determine the security of their websites Enterprises who would like to have their website security checked can register for a free audit by visiting www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.

About Joomla!
Joomla! is a free, award-winning content management system written in PHP which allows users to easily publish their content on the world wide web and intranets. Joomla! is created as an open-source project where individuals and teams contribute their skills to its development as well as its supporting systems.

What sets Joomla! apart is the team's dedication to keeping things as simple as possible while providing the most features possible. Finally, non-technical people can have complete control over their websites without paying exorbitant amounts for closed, proprietary software.

The name Joomla! is a phonetic spelling for the Swahili word "Jumla", which means "all together" or "as a whole". More information at: dev.joomla.org/

About Acunetix
Acunetix was founded to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner, is the result of several years of development by a team of highly experienced security developers. Acunetix is a privately held company with headquarters based in Europe (Malta), a US office in Seattle, Washington and an office in London, UK. For more information about Acunetix, visit: acunetix.com; acunetix.de.

For more information:
Please email Tamara Borg: tamara@acunetix.com
Acunetix Ltd
Tel: (+44) 0845 6126712
Fax: (+44) 0845 6126716
URL: www.acunetix.com.

Company Name: Acunetix
Address 1: 6th Floor
Address 2: Portomaso Tower
City: Portomaso
Zip: PTM 01
Country: Malta
Phone: +356 2316 8000
URL: www.acunetix.com

Contact Name: Tamara Borg
Title: Marketing Manager
E-mail: tamara@acunetix.com

White Papers & Case Studies

View All White Papers & Case Studies

View All Resources

All Topics

Manufacturing Innovation

Industry Trends

Engineering & Design

Sales & Marketing

Supply Chain

Career & Workforce

Company News

New Products

Thomas Index

Daily Bite

Find Suppliers, Insights, Tools and More...

Become part of North America's largest and most active network of B2B buyers and industrial/commercial suppliers.

Select From Over 500,000
Industrial Suppliers

Find and evaluate OEMs, Custom Manufacturers, Service Companies and Distributors.

Receive Daily
Industry Updates

Stay up to date on industry news and trends, product announcements and the latest innovations.

Search Over
6 Million Products

Find materials, components, equipment, MRO supplies and more.

Download 2D & 3D
CAD Models

10+ million models from leading OEMs, compatible with all major CAD software systems.
Start Sourcing Suppliers Claim Your Company Profile ico-arrow-default-right
Cookie Policy
Close
Thomas uses cookies to ensure that we give you the best experience on our website. By using this site, you agree to our Privacy Statement and our Terms of Use.
Accept