Critical security hole in Joomla fixed
The developers of Joomla, the open source CMS, have released version 1.0.15 which closes a critical security hole. A remote file inclusion vulnerability in Joomla up to and including version 1.0.14 allows arbitrary PHP code to be injected and executed on the server. The developers recommend creating a backup of the CMS and then upgrading to the latest version. Apart from the new version they also offer several patch packages.
(mba)