Sorry.I missed your reply.
You can reproduce by:
login to joomla website.
in any form with file upload, try to upload a file with multiple extensions ex: abc.pdf.docx OR abc.pdf.exe
the upload scanner set yes to Check multiple extensions unable to stop file upload.
we are facing this issue. pl help us.
Yes. Inadvertently I opened another tag. pl ignore other one.
as seen your reply to other post, security checkpro avoids only double extensions with php files ex. abc.doc.php or abc.php.php.
but our problem is allowed extensions are: doc, xls, pdf etc.
Now joomla is checking only last extension ex: abc.doc.xls is allowed as last extension is xls which is permitted.
it is not checking for double extensions. we need to restrict it to address security audit. pl help us.