Hello jDownloads Development Team,
During a security review on a Joomla installation running the latest jDownloads version (4.1.5), the file
administrator/components/com_jdownloads/assets/upload/upload-handler.php
was flagged as malicious by ImunifyAV.
Detection details:
Scanner: ImunifyAV
Detection Type: SMW-INJ-CLOUDAV-php.backdoor.upload-PHPTRP2-4
Scan Type: On-Demand Scan
Detection Date: 2026-06-19
File: administrator/components/com_jdownloads/assets/upload/upload-handler.php
The file appears to be a standalone upload handler which processes uploaded files using $_FILES and move_uploaded_file(). While the code does not contain obfuscation, shell execution, eval(), base64 decoding, or other typical malware indicators, it is consistently detected by ImunifyAV as a potential upload backdoor.
Can you please confirm whether this file is an official part of jDownloads 4.1.5 and whether its functionality is intended?
It may also be helpful to review whether
Hi
As far as I understand ImumnifyAV is a light weight antivirus program designed for Linux web servers. I not sure of its characteristics in Joomla and jDownloads. When I checked on the web it seems to be prone to give false positives on Joomla extensions.
I would suggest you consult your Web Supplier about a suitable antivirus.Best wishes
ColinM