WSN Forum Avatar Upload PHP Code Execution Vulnerability

The WSN Forum application is prone to an arbitrary PHP code-execution vulnerability when uploading avatar images.

If successful, attackers can execute script code with the privileges of the webserver process.

WSN Forum 1.3.4 and prior versions are affected by this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus