Joomla! RAXO All-mode PRO Module TimThumb Arbitrary File Upload Vulnerability

SECUNIA ADVISORY ID:
SA45603

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45603/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45603

RELEASE DATE:
2011-08-15
DESCRIPTION:
A vulnerability has been reported in the RAXO All-mode PRO module for
Joomla!, which can be exploited by malicious people to compromise a
vulnerable system.

The vulnerability is caused due to a bundled vulnerable version of
TimThumb.

For more information see vulnerability #1 in:
SA45416

SOLUTION:
Update to version 1.5.0.

PROVIDED AND/OR DISCOVERED BY:
Reported by the Joomla! VEL team.

ORIGINAL ADVISORY:
Joomla!:
http://docs.joomla.org/Vulnerable_Extensions_List#RAXO_All-mode_PRO

RAXO:
http://raxo.org/forum/viewtopic.php?f=2&t=60#p2056

RECENT ARTICLE

RECENT POST