Description
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently upload files outside of the /images/stories/ directory. Joomla! Core versions 1.0.x ranging from 1.0.0 and up to and including 1.0.10 are vulnerable.
Remediation
Update to Joomla! Core version 1.0.11 or latest
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1161)
WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)
WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)
WordPress Plugin OneLogin SAML SSO Security Bypass (2.2.0)
WordPress Plugin Booking Calendar Cross-Site Request Forgery (4.1.5)