security vulnerability
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types.
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-12-13 14:41:52 |
Closed_By | ⇒ | mbabker |
This particular one is 2nd in the list of security issues fixed, and is of "low severity"; see here:
https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html
It is "low severity" due to the fact that the media manager and other extensions are also using "allowed" file extensions to check which files are allowed to be uploaded; see my answer here:
https://forum.joomla.org/viewtopic.php?f=714&t=941908#p3449503
See the CVE report: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9836
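An added example (not Joomla's code and not from this thread) of an upload-name check that combines the two controls discussed above: a blocklist that includes the alternative PHP extensions from the report, and an allowed-extensions list. The function name, the allowlist contents and the sample file names are assumptions; the check also goes slightly beyond the report by testing every dotted segment of the name, not only the last one.

```php
<?php
// Added example: names and lists below are assumptions, not Joomla's API.

// Plain .php plus the alternative extensions named in the report.
const BLOCKED_PHP_EXTENSIONS = ['php', 'php6', 'php7', 'phtml', 'phpt'];

// Constructed allowlist for illustration; a real site defines its own.
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt'];

/**
 * Returns null when the file name passes, or a reason string when rejected.
 */
function checkUploadName(string $filename): ?string
{
    // Drop any path component and normalise case before comparing.
    $name  = strtolower(basename(str_replace('\\', '/', $filename)));
    $parts = explode('.', $name);
    array_shift($parts); // remove the base name; what remains are extensions

    if ($parts === []) {
        return 'no extension';
    }

    // Blocklist: reject if ANY segment is a PHP extension (e.g. x.php6.png).
    foreach ($parts as $segment) {
        if (in_array(trim($segment), BLOCKED_PHP_EXTENSIONS, true)) {
            return "blocked extension: .$segment";
        }
    }

    // Allowlist: the final extension must be explicitly permitted.
    $final = end($parts);
    if (!in_array($final, ALLOWED_EXTENSIONS, true)) {
        return "extension not in allowlist: .$final";
    }

    return null;
}

// Constructed sample names, not taken from the report.
$samples = ['photo.jpg', 'report.PDF', 'page.phtml', 'lib.php7',
            'test.phpt', 'image.php6.png', 'notes', '.htaccess'];

foreach ($samples as $s) {
    $reason = checkUploadName($s);
    printf("%-16s %s\n", $s, $reason === null ? 'accepted' : "rejected ($reason)");
}
```

A name check like this complements, and does not replace, scanning the file content and serving the upload directory without script execution.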