virus logo Intrusion Prevention

Joomla!.JCE.Extension.Remote.File.Upload

description-logoDescription

This indicates an attack attempt to exploit multiple vulnerabilities in JCE Joomla! extension.
This issue is caused by a lack of sanitizing the user input that is passed to "index.php". It may allow remote attackers to execute arbitrary script via a crafted http request.

affected-products-logoAffected Products

Versions lower than JCE 2.0.11 or JCE 1.5.7.14

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

recomended-action-logoRecommended Actions

Upgrade to the latest version,available from the web site.
http://www.joomlacontenteditor.net/news/item/jce-2011-released

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-01 14.540 Name:Joomla.
JCE.
Extension.
Remote.
File.
Upload:Joomla!.
JCE.
Extension.
Remote.
File.
Upload

References

http://www.joomla.org/ http://www.exploit-db.com/exploits/17734/
ID 34490
Created Jan 25, 2013
Updated Apr 17, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app