images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote malicious users to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
justin white freewps 2.11 |