Top Panel

This panel contains four module positions: panel1, panel2, panel3 and panel4. If none of these have published modules, the panel will be hidden.

You have control over the panel settings. You can change panel's height (currently 250px), width (100%), background color and panel's button text (open/close).

Open

CSS3 Powered

This template uses modern CSS3 techniques, such as rounded borders and gradient colors, with IE compatibility maintained. ALL colors (including gradients) are customizable in parameters.

Joomla! Security News

    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 2.5.0 - 3.9.16
    • Exploit type: Incorrect Access Control
    • Reported Date: 2020-March-13
    • Fixed Date: 2020-April-21
    • CVE Number: CVE-2020-11889

    Description

    Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.

    Affected Installs

    Joomla! CMS versions 2.5.0 - 3.9.16

    Solution

    Upgrade to version 3.9.17

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hoang Kien from VSEC
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Moderate
    • Severity: Low
    • Versions: 2.5.0 - 3.9.16
    • Exploit type: Incorrect Access Control
    • Reported Date: 2020-February-27
    • Fixed Date: 2020-April-21
    • CVE Number: CVE-2020-11890

    Description

    Inproper input validations in the usergroup table class could lead to a broken ACL configuration.

    Affected Installs

    Joomla! CMS versions 2.5.0 - 3.9.16

    Solution

    Upgrade to version 3.9.17

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hoang Kien from VSEC
    • Project: Joomla!
    • SubProject: CMS
    • Impact: Low
    • Severity: Low
    • Versions: 3.8.8 - 3.9.16
    • Exploit type: Incorrect Access Control
    • Reported Date: 2020-March-13
    • Fixed Date: 2020-April-21
    • CVE Number: CVE-2020-11891

    Description

    Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

    Affected Installs

    Joomla! CMS versions 3.8.8 - 3.9.16

    Solution

    Upgrade to version 3.9.17

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By: Hoang Kien from VSEC
    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Versions: 1.7.0-3.9.15
    • Exploit type: SQL Injection
    • Reported Date: 2020-March-9
    • Fixed Date: 2020-March-10
    • CVE Number: CVE-2020-10243

    Description

    The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the "Featured Articles" frontend menutype.

    Affected Installs

    Joomla! CMS versions 1.7.0 - 3.9.15

    Solution

    Upgrade to version 3.9.16

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Sam Thomas, Pentest.co.uk
    • Project: Joomla!
    • SubProject: CMS
    • Impact: High
    • Severity: Low
    • Versions: 3.0.0-3.9.15
    • Exploit type: Other
    • Reported Date: 2020-February-07
    • Fixed Date: 2020-March-10
    • CVE Number: CVE-2020-10240

    Description

    Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.

    Affected Installs

    Joomla! CMS versions 3.0.0 - 3.9.15

    Solution

    Upgrade to version 3.9.16

    Contact

    The JSST at the Joomla! Security Centre.

    Reported By:Lee Thao from Viettel Cyber Security

Reflection Effect

Reflection script is incorporated in template. If you want an image to have it, use class "reflect" for your images. You can also control reflection's height and opacity.

Learn more about it here.

HotStart

Follow our instructions to make a copy of this demo site to your server.

HotStart! is available with each template. It allows you to create a copy of this demo.

Cross-Browser Compatible

This template uses modern CSS3 functions supported by modern browsers. It uses script that maintain IE7 and IE8 compatibility.

Tested in IE7+, Firefox, Opera, Chrome, Safari and Camino.