Description
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP e-Commerce-Store Toolkit Privilege Escalation (2.0)
Python Integer Overflow or Wraparound Vulnerability (CVE-2007-4965)
WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)
WordPress Plugin Events Made Easy PHP Object Injection (2.0.52)
WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)