Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.
[
{
"product": "Joomla",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Joomla core from 1.5.0 up to and including 1.5.15"
}
]
}
]