Description

The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors.

Remediation

References

CVE-2006-4471

Related Vulnerabilities

WordPress Plugin Easy Social Icons Multiple Vulnerabilities (1.2.2)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9241)

Oracle JRE CVE-2013-1540 Vulnerability (CVE-2013-1540)

WordPress Plugin Comments-wpDiscuz Arbitrary File Upload (7.0.4)

WordPress Plugin BA Book Everything Cross-Site Scripting (1.3.24)

Severity

Medium

Classification

CVE-2006-4471 CWE-434

Tags

Missing Update Known Vulnerabilities