PT-2013-5653 · Joomla · Joomla!
Jens Hinrichsen
·
Publicado
2013-10-09
·
Atualizado
2013-12-01
·
CVE-2013-5576
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Joomla! versions 2.5.x through 2.5.13
Joomla! versions 3.x through 3.1.4
Description
The issue allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot). This has been exploited in the wild.
Recommendations
For Joomla! versions 2.5.x through 2.5.13, update to version 2.5.14 or later.
For Joomla! versions 3.x through 3.1.4, update to version 3.1.5 or later.
Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Joomla!