CVE-2011-4906

CRITICAL

Tinybrowser < 1.5.13 - Unrestricted File Upload and Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4906. PoCs published by daath.

AI-analyzed exploit summary This exploit targets a file upload vulnerability in Joomla 1.5.12 via TinyMCE, allowing remote code execution by uploading a malicious PHP shell disguised as an image file and renaming its extension.

Description

Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.

Exploits (1)

exploitdb WORKING POC VERIFIED

by daath · phpwebappsphp

https://www.exploit-db.com/exploits/10183

View Code ZIP pw:eip

This exploit targets a file upload vulnerability in Joomla 1.5.12 via TinyMCE, allowing remote code execution by uploading a malicious PHP shell disguised as an image file and renaming its extension.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Joomla 1.5.12

No auth needed

Prerequisites: TinyMCE plugin enabled · Access to the TinyMCE upload functionality

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List, Third Party Advisory x_refsource_misc

https://www.openwall.com/lists/oss-security/2011/12/25/7

Vendor Advisory x_refsource_confirm

https://developer.joomla.org/security/news/301-20090722-core-file-upload.html

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/10183

Scores

CVSS v3 9.8

EPSS 0.3588

EPSS Percentile 97.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (1)

tiny/tinybrowser < 1.5.13

Published Feb 12, 2020

Tracked Since Feb 18, 2026