Description

The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors.

Remediation

References

CVE-2006-4471

Related Vulnerabilities

Oracle Application Server CVE-2006-0284 Vulnerability (CVE-2006-0284)

WordPress Plugin Cookie Notification for WordPress-WP Cookie User Info includes Backdoor [Only if downloaded via the vendor website] (1.0.7)

Piwigo Improper Access Control Vulnerability (CVE-2016-10084)

WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Security Bypass (1.5.2)

MySQL Other Vulnerability (CVE-2007-1420)

Severity

Medium

Classification

CVE-2006-4471 CWE-434

Tags

Missing Update Known Vulnerabilities