CORE IMPACT v9 - Exploits Update (Mon Aug 31 2009)
Joomla 1.5.12 Remote Code Execution Exploit
Exploits/Remote [Linux]
• Mon Aug 31 2009
A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.
Exploits Vulnerabiltiy: NOCVE-9999-39524