PHPizabi 'image.php' Arbitrary File Upload Vulnerability

info
discussion
exploit
solution
references

PHPizabi 'image.php' Arbitrary File Upload Vulnerability

PHPizabi is prone to a vulnerability that lets an attacker upload and execute arbitrary script code in the context of the affected webserver process. The issue occurs because the application fails to sufficiently sanitize user-supplied input.

This issue affects PHPizabi 0.848b; other versions may also be vulnerable.