CVE-2011-5004

Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:fabrikar:com_fabrikar:*:*:*:*:*:*:*:*
cpe:2.3:a:fabrikar:com_fabrikar:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:fabrikar:com_fabrikar:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:fabrikar:com_fabrikar:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:fabrikar:com_fabrikar:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:fabrikar:com_fabrikar:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Information

Published : 2011-12-24 17:55

Updated : 2012-02-16 20:10


NVD link : CVE-2011-5004

Mitre link : CVE-2011-5004


JSON object : View

Advertisement

dedicated server usa

Products Affected

joomla

  • joomla\!

fabrikar

  • com_fabrikar