Joomla! JCE Component Directory Traversal Vulnerability

SECUNIA ADVISORY ID:
SA45849

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45849/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45849

RELEASE DATE:
2011-09-01

DESCRIPTION:
AmnPardaz Security Research Team has discovered a vulnerability in
the JCE component for Joomla!, which can be exploited by malicious
users to disclose system information and manipulate certain data.

Certain input is not properly verified before being used to access
files. This can be exploited to view and manipulate files and folders
outside of the application root by e.g. passing certain input via the
"json" parameter to plugins.
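
The class of check that is missing here, shown as an added example (not JCE's code and not the vendor's fix): every path taken from a decoded JSON request is confined to a base directory before any file operation uses it. The function name confine_path(), the {"fn", "args"} request layout and the sample values are assumptions made for illustration.

```php
<?php
// Added example. confine_path() and the {"fn","args"} layout are hypothetical.
function confine_path(string $root, string $userPath): ?string
{
    $root = realpath($root);
    if ($root === false || strpos($userPath, "\0") !== false) {
        return null;
    }
    // Lexical pass: treat "\" as a separator, drop ".", resolve "..".
    $parts = [];
    foreach (explode('/', str_replace('\\', '/', $userPath)) as $seg) {
        if ($seg === '' || $seg === '.') {
            continue;
        }
        if ($seg === '..') {
            if (array_pop($parts) === null) {
                return null; // would climb above the root
            }
            continue;
        }
        $parts[] = $seg;
    }
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $candidate = $parts ? $prefix . implode(DIRECTORY_SEPARATOR, $parts) : $root;
    // Symlink pass: a rename or create target may not exist yet, so resolve
    // the deepest existing ancestor and require it to stay under the root.
    $existing = $candidate;
    while (!file_exists($existing) && !is_link($existing)) {
        $existing = dirname($existing);
    }
    $real = realpath($existing);
    if ($real === false || ($real !== $root && strpos($real, $prefix) !== 0)) {
        return null;
    }
    return $candidate;
}

// Constructed sample input: one path inside the root, one traversal attempt.
$json = '{"fn":"renameItem","args":["photos/2011","photos/../../outside.txt"]}';
$request = json_decode($json, true);
foreach ($request['args'] as $arg) {
    $path = confine_path(sys_get_temp_dir(), $arg);
    echo $arg, ' => ', $path ?? 'REJECTED', PHP_EOL;
}
```

The check has to run on the server for every path argument, including rename and create destinations, since the advisory covers manipulation of files and folders as well as disclosure.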

Successful exploitation requires permissions in the "Edit" profile.

The vulnerability is confirmed in version 2.0.10. Prior versions may
also be affected.

SOLUTION:
Update to version 2.0.11.

PROVIDED AND/OR DISCOVERED BY:
AmnPardaz Security Research Team

ORIGINAL ADVISORY:
JCE:
http://www.joomlacontenteditor.net/news/item/jce-2011-released
