Unrestricted File Upload Vulnerability in Fabrik Component for Joomla!
CVE-2011-5004

Currently unrated

Key Information:

Vendor: Fabrikar
Status: Com Fabrikar
Vendor: CVE Published:; 25 December 2011

What is CVE-2011-5004?

The Fabrik component for Joomla! contains a vulnerability that allows remote authenticated users with Manager privileges to upload files with executable extensions. This allows the execution of arbitrary code by accessing the uploaded files through a direct request. The vulnerability is present in versions prior to 2.1.1, highlighting a significant security risk for sites utilizing this component.

References

http://www.ohloh.net/p/3417/commits/145749116

x_refsource_CONFIRM

http://www.osvdb.org/77371

vdb-entryx_refsource_OSVDB

http://www.vulnerability-lab.com/get_content.php?id=342

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 25, 2011
Vulnerability Reserved
Dec 24, 2011

CVE-2011-5004 Data

JSON

Fabrikar

What is CVE-2011-5004?

References

Timeline