CVSS: 10.0EPSS: 61%CPEs: 1EXPL: 3CVE-2011-4908 – Joomla 1.5.12 TinyBrowser File Upload Code Execution
https://notcve.org/view.php?id=CVE-2011-4908
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. El plugin TinyBrowser para Joomla! versiones anteriores a 1.5.13, permite una carga arbitraria de archivos por medio del archivo upload.php. • https://www.exploit-db.com/exploits/9926 https://www.exploit-db.com/exploits/9296 https://vulmon.com/vulnerabilitydetails?qid=CVE-2011-4908 https://www.openwall.com/lists/oss-security/2011/12/25/7 http://developer.joomla.org/security/news/301-20090722-core-file-upload.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/joomla_tinybrowser.rb • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 1CVE-2011-4906 – Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)
https://notcve.org/view.php?id=CVE-2011-4906
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. El navegador Tiny en el editor TinyMCE versión 3.0 en Joomla! versiones anteriores a 1.5.13, permite una carga de archivos y una ejecución de código PHP arbitraria. • https://www.exploit-db.com/exploits/10183 https://developer.joomla.org/security/news/301-20090722-core-file-upload.html https://www.openwall.com/lists/oss-security/2011/12/25/7 • CWE-434: Unrestricted Upload of File with Dangerous Type •