info
discussion
exploit
solution
references
Xoops Custom Avatar Remote Arbitrary PHP File Upload Vulnerability
Solution:
The vendor has released a patch to bring version 2.0.9.2 up to version 2.0.9.3 and resolve this issue.
Xoops Xoops 2.0.9 .2
Xoops Xoops 2.0.9.2 to 2.0.9.3 Patch
http://www.xoops.org/modules/core/singlefile.php?cid=4&lid=50
Privacy Statement
Copyright 2010, SecurityFocus
