Arbitrary PHP File Execution Vulnerability in Joomla! CMS

Arbitrary PHP File Execution Vulnerability in Joomla! CMS

CVE-2016-9836 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types.

Learn more about our Cms Pen Testing.