Widgetfactorylimited

widgetfactorylimited

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-7339 1Widgetfactorylimited 1Jce Nov 21, 2024 Mar 9, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.
CVE-2011-5134 1Widgetfactorylimited 1Com Jce Apr 29, 2026 Aug 30, 2012 N/A· v4 N/A· v3 6.0 MEDIUM· v2 Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by up...Show more Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2015-7339

1Widgetfactorylimited

1Jce

Nov 21, 2024

Mar 9, 2020

N/A· v4

8.8 HIGH· v3

6.5 MEDIUM· v2

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.

CVE-2011-5134

1Widgetfactorylimited

1Com Jce

Apr 29, 2026

Aug 30, 2012

N/A· v4

N/A· v3

6.0 MEDIUM· v2

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information.Show less