ID CVE-2012-2902
Summary Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht. Per: http://cwe.mitre.org/data/definitions/434.html 'Unrestricted Upload of File with Dangerous Type'
References
Vulnerable Configurations
  • cpe:2.3:a:ryan_demmer:joomla_content_editor:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ryan_demmer:joomla_content_editor:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ryan_demmer:joomla_content_editor:*:*:*:*:*:*:*:*
    cpe:2.3:a:ryan_demmer:joomla_content_editor:*:*:*:*:*:*:*:*
  • cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
    cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
CVSS
Base: 6.0 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:P/I:P/A:P
refmap via4
bid 51002
confirm http://www.joomlacontenteditor.net/news/item/jce-21-released?category_id=32
misc http://secunia.com/secunia_research/2012-15/
osvdb 81980
secunia 49206
xf jce-joomla-file-file-upload(75671)
Last major update 29-08-2017 - 01:31
Published 21-05-2012 - 18:55
Last modified 29-08-2017 - 01:31
Back to Top