Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 06:34:48 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2168633582&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0910-exploits%2Fjoomla_tinybrowser.rb.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2168633582.1338186888.1338186888.1338186888.1%3B%2B__utmz%3D32867617.1338186888.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) Joomla 1.5.12 TinyBrowser File Upload Code Execution http://packetstormsecurity.org/files/82358/joomla_tinybrowser.rb.txt http://packetstormsecurity.org/files/82358/joomla_tinybrowser.rb.txt http://packetstormsecurity.org/files/82358/Joomla-1.5.12-TinyBrowser-File-Upload-Code-Execution.html Fri, 30 Oct 2009 18:10:22 GMT This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of joomla and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.