ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.
Software | From | Fixed in |
---|---|---|
photopost / reviewpost_php_pro | - | 2.5.1.x |
photopost / reviewpost_php_pro | 1.0.2 | 1.0.2.x |
photopost / reviewpost_php_pro | 2.5 | 2.5.x |