Filtered by vendor Widgetfactorylimited
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7339 | 1 Widgetfactorylimited | 1 Jce | 2020-03-10 | 6.5 MEDIUM | 8.8 HIGH |
JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | |||||
CVE-2011-5134 | 2 Joomla, Widgetfactorylimited | 2 Joomla\!, Com Jce | 2012-09-12 | 6.0 MEDIUM | N/A |
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information. |