An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote malicious user to submit a special request to upload a malicious file to execute arbitrary code.