Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Software | From | Fixed in |
---|---|---|
phplizardo / imperialbb | - | 2.3.5.x |