administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x prior to 2.5.14 and 3.x prior to 3.1.5 allows remote authenticated users or remote malicious users to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
joomla joomla\\! 2.5.12 |
||
joomla joomla\\! 2.5.11 |
||
joomla joomla\\! 2.5.6 |
||
joomla joomla\\! 2.5.7 |
||
joomla joomla\\! 2.5.13 |
||
joomla joomla\\! 2.5.4 |
||
joomla joomla\\! 2.5.5 |
||
joomla joomla\\! 2.5.2 |
||
joomla joomla\\! 2.5.3 |
||
joomla joomla\\! 2.5.0 |
||
joomla joomla\\! 2.5.1 |
||
joomla joomla\\! 2.5.10 |
||
joomla joomla\\! 2.5.8 |
||
joomla joomla\\! 2.5.9 |
||
joomla joomla\\! 3.1.3 |
||
joomla joomla\\! 3.1.2 |
||
joomla joomla\\! 3.1.1 |
||
joomla joomla\\! 3.1.0 |
||
joomla joomla\\! 3.0.4 |
||
joomla joomla\\! 3.1.4 |
||
joomla joomla\\! 3.0.2 |
||
joomla joomla\\! 3.0.3 |
||
joomla joomla\\! 3.0.0 |
||
joomla joomla\\! 3.0.1 |
Vulmon