Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and previous versions allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
neocrome seditio |