Vulnerabilities > Widgetfactorylimited
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-09 | CVE-2015-7339 | Unrestricted Upload of File with Dangerous Type vulnerability in Widgetfactorylimited JCE 2.5.0/2.5.1/2.5.2 JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | 6.5 |
| 2012-08-30 | CVE-2011-5134 | File-Upload vulnerability in Com Jce Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. | 6.0 |