The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote malicious users to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mytutorials tutorials 2.0 |