Main Vulnerability Database SB2011122801

SB2011122801 - Unrestricted file upload in Simple File Upload for Joomla!

Published: December 28, 2011 Updated: May 1, 2017

Security Bulletin ID SB2011122801

CSH Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Unrestricted file upload (CVE-ID: CVE-2011-5148)

CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear

The vulnerability allows a remote attacker to execute arbitrary PHP code on the target system.

The weakness exists due to the improper validation of file extensions by the index.php script. A remote attacker can send a specially-crafted HTTP request, upload a malicious PHP script and execute arbitrary PHP code on the system.

Successful exploitation of the vulnerability results in arbitrary PHP code execution on the vulnerable system.

Remediation

Install update from vendor's website.

References

https://docs.joomla.org/Vulnerable_Extensions_List#Simple_File_Upload_1.3