Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2012-05-21 11:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-2902
Mitre link : CVE-2012-2902
JSON object : View
CWE
Products Affected
joomla
- joomla\!
ryan_demmer
- joomla_content_editor