Joomla JCE (CVE-2012-2902)

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension. Registered as CVE-2012-2902 Pyxsoft solution Multiple exploits combine the JCE vulnerability with Multipart…

Multipart Strict Error

Users upload data. No matter what web application they are using, most of them needs data to be uploaded. Normally users upload images, text files, documents, pdf and more. To upload a file, web browsers send to the server a request known as “Multipart Form”. Multipart form have a specific format defined in RFC 2388…