Unrestricted file upload vulnerability in ImperialBB 2.3.5 and previous versions allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phplizardo imperialbb |