CVE-2012-2902

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ryan_demmer:joomla_content_editor:*:*:*:*:*:*:*:*
cpe:2.3:a:ryan_demmer:joomla_content_editor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Information

Published : 2012-05-21 11:55

Updated : 2017-08-28 18:31


NVD link : CVE-2012-2902

Mitre link : CVE-2012-2902


JSON object : View

Advertisement

dedicated server usa

Products Affected

joomla

  • joomla\!

ryan_demmer

  • joomla_content_editor