Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the files/ directory.
Software | From | Fixed in |
---|---|---|
mebiblio / mebiblio | 0.4.7 | 0.4.7.x |