Investigation of exploits
From Joomla! Documentation
JCE (joomla content editor) 2.2.4
This report appears to be the result of a "false positive" based on the detection of an exploit attempt using a vulnerability reported in an earlier version of JCE (versions before 2.1.3) -  and 
The detection of the exploit attempt does in no way in our opinion indicate a vulnerability in the extension. It is our belief that JCE 2.2.4 (and versions released since 2.1.3) is secure and not vulnerable to an upload exploit.