Intrusion Prevention

Joomla!.JCE.Extension.Remote.File.Upload

Description

This indicates an attack attempt to exploit multiple vulnerabilities in JCE Joomla! extension.
This issue is caused by a lack of sanitizing the user input that is passed to "index.php". It may allow remote attackers to execute arbitrary script via a crafted http request.

Affected Products

Versions lower than JCE 2.0.11 or JCE 1.5.7.14

Impact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

Recommended Actions

Upgrade to the latest version,available from the web site.
http://www.joomlacontenteditor.net/news/item/jce-2011-released