Frontpage

Newsletter & Updates

I am totally relaxed!

Because I know Joomlamonitor is working for me. Whenever my website is down, I get an instant alert (and a copy goes to my web-host too!)
Do you wanna try?

Searching for files online? File search system - best decision. Seop for search engine optimization. Now you can build a website by yourself.

[20090722] - Core - File Upload

Project: Joomla!
SubProject: TinyMCE editor
Severity: Critical
Versions: 1.5.12
Exploit type: Image File upload
Reported Date: 2009-July-22
Fixed Date: 2009-July-22

Description

Tiny browser included with TinyMCE 3.0 editor allowed files to be uploaded and removed without logging in.

Affected Installs

Version 1.5.12 only

Solution

Upgrade to latest Joomla! version (1.5.13 or newer).

Reported by Patrice Lazareff.

Contact

The JSST at the Joomla! Security Center.

Read full...

Author:

< Prev		Next >

More Articles in This Category
[20111101] - Core - XSS Vulnerability [20100423] - Core - Password Reset Tokens [20100423] - Core - Password Reset Tokens [20100703] - Core - XSS Vulnerabillitis in Back End [20090723] - Core - com_mailto Timeout Issue	[20110403] - Core - Information Disclosure [20110303] - Core - Information Disclosure [20120203] - Core - Information Disclosure [20110302] - Core - Redirect Vulnerabilities [20110901] - Core - XSS Vulnerability