Unrestricted file upload vulnerability in Segue CMS prior to 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote malicious users to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
middlebury college segue cms |