Joomla!.JCE.Extension.Remote.File.Upload
Description
This indicates an attack attempt to exploit multiple vulnerabilities in JCE Joomla! extension.
This issue is caused by a lack of sanitizing the user input that is passed to "index.php". It may allow remote attackers to execute arbitrary script via a crafted http request.
Affected Products
Versions lower than JCE 2.0.11 or JCE 1.5.7.14
Impact
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.
Recommended Actions
Upgrade to the latest version,available from the web site.
http://www.joomlacontenteditor.net/news/item/jce-2011-released
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-02-01 | 14.540 | Name:Joomla. JCE. Extension. Remote. File. Upload:Joomla!. JCE. Extension. Remote. File. Upload |