Intrusion PreventionJoomla!.mod_simplefileupload.Plugin.File.Upload
Description
This indicates an attack attempt to perform an Arbitrary File Upload vulnerability in Joomla Mod_simplefileupload Plugin.
The vulnerability is due to a design flaw in the vulnerable application when handling a file upload request without authentication. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, by uploading an arbitrary file without any authentication.
Affected Products
Joomla Mod_simplefileupload Plugin
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website.
https://extensions.joomla.org/extension/simple-file-upload/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-02-01 | 14.540 | Name:Joomla. Plugin. Mod_simplefileupload. File. Upload:Joomla!. mod_simplefileupload. Plugin. File. Upload |
| 2018-11-22 | 13.496 | Default_action:pass:drop |
| 2018-10-09 | 13.468 |
References
https://github.com/Moham3dRiahi/XAttacker| ID | 46961 |
| Created | Oct 09, 2018 |
| Updated | Jan 31, 2019 |
| Risk |
|
| CVE ID | |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | PHP_app |