First published: Wed Feb 12 2020(Updated: )
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tiny Tinybrowser | <1.5.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2011-4908 is a vulnerability in the TinyBrowser plugin for Joomla! before version 1.5.13.
CVE-2011-4908 allows arbitrary file upload via the upload.php function in the TinyBrowser plugin for Joomla! before version 1.5.13.
CVE-2011-4908 has a severity rating of 9.8 out of 10, making it critical.
To fix CVE-2011-4908, you should update your Joomla! installation to version 1.5.13 or later and remove the vulnerable TinyBrowser plugin.
For more information about CVE-2011-4908, you can refer to the following resources: [Link 1](https://www.openwall.com/lists/oss-security/2011/12/25/7), [Link 2](https://www.exploit-db.com/exploits/9926), [Link 3](https://vulmon.com/vulnerabilitydetails?qid=CVE-2011-4908)