Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote malicious users to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitweaver bitweaver 1.3 |