Link Request Contact Form Arbitrary File Upload Vulnerability

info
discussion
exploit
solution
references

Link Request Contact Form Arbitrary File Upload Vulnerability

Link Request Contact Form is prone to a vulnerability that lets an attacker upload arbitrary files.

Attackers can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.

Link Request Contact Form 3.4 is vulnerable; other versions may also be affected.