While an entire volume could be filled with common mistakes, we’ll focus on a few of them here. They are presented here in no particular order.
One big problem comes in if you are using a component that is vulnerable. To start with, why would we deliberately set up our site to be broken into? A quick review of the current vulnerability list shows at the time of writing of over sixty known vulnerable extensions.
Here is one chosen at random known as AutoStand. I followed the link listed in Joomla! and found the security site FrSIRT. They list this as a critical exploit.
Advisory ID : FrSIRT/ADV-2007-1392CVE ID : CVE-2007-2319Rated as : High RiskRemotely Exploitable : YesLocally Exploitable : Yes ...