SECUNIA ADVISORY ID:
SA47710

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47710/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47710

RELEASE DATE:
2012-01-26

DESCRIPTION:
A vulnerability has been discovered in the JE Story Submit component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to the "update()" function in the components/com_jesubmit/controllers/request_get.php script improperly validating the extension of an uploaded file. This can be exploited to e.g. upload and execute arbitrary PHP files by passing an allowed MIME media type in the HTTP headers.

The vulnerability is confirmed in version 1.9.3. Other versions may also be affected.

SOLUTION:
Restrict access to the upload folder (e.g. via .htaccess).

PROVIDED AND/OR DISCOVERED BY:
Robert Cooper.
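
ADDED EXAMPLE:
The class of flaw described above, shown as an added illustration that is not code from JE Story Submit or from the advisory: a check that trusts the client-declared MIME type beside one that decides from the file name's extension and the stored bytes. The allowlists, function names and sample entry are assumptions; it assumes PHP 7 or later with the fileinfo extension.

```php
<?php
// Added illustration, not JE Story Submit code. Allowlists are assumptions.
const ALLOWED_EXT  = ['jpg', 'jpeg', 'png', 'gif'];
const ALLOWED_MIME = ['image/jpeg', 'image/png', 'image/gif'];

// Weak: $file['type'] is the Content-Type the client sent for the part,
// so the client chooses it; the file name's extension is never examined.
function weak_is_allowed(array $file): bool
{
    return in_array($file['type'], ALLOWED_MIME, true);
}

// Strict: extension from the submitted name, type sniffed from stored bytes.
function strict_is_allowed(array $file): bool
{
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return false;
    }
    $sniffed = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    return in_array($sniffed, ALLOWED_MIME, true);
}

// Store under a server-generated name so no client string reaches the path.
function store_upload(array $file, string $destDir): ?string
{
    if ($file['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])
        || !strict_is_allowed($file)) {
        return null;
    }
    $ext  = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . "/$name")
        ? $name : null;
}

// Constructed sample: a $_FILES-style entry whose declared type is allowed
// but whose name ends in .php. Contents are harmless placeholder text.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, "constructed sample text\n");
$entry = ['name' => 'story.php', 'type' => 'image/jpeg',
          'tmp_name' => $tmp, 'error' => UPLOAD_ERR_OK];

var_dump(weak_is_allowed($entry));   // declared type alone decides
var_dump(strict_is_allowed($entry)); // extension allowlist decides first
unlink($tmp);
```

A server-side check of this kind complements the access restriction on the upload folder given under SOLUTION; it does not replace it.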