CVE-2011-4906

Summary

Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.

Affected Software

VendorProductVersion RangeStatus
Joomla!Tiny browser included with TinyMCE 3.01.5.12affected
Joomla!Tiny browser included with TinyMCE 3.0fixed in 1.5.13affected

Weaknesses

  • Arbitrary PHP Code Execution

ADP Enrichment

CVE Program Container

Additional References

References