XOOPS Uploader Class Arbitrary File Upload Vulnerability

XOOPS Uploader Class Arbitrary File Upload Vulnerability

XOOPS is prone to an arbitrary-file-upload vulnerability because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this vulnerability to upload PHP script code and execute it in the context of the webserver process.