FarsiNews Admin.PHP Arbitrary File Upload Vulnerability

FarsiNews Admin.PHP Arbitrary File Upload Vulnerability

FarsiNews is prone to a vulnerability that lets attackers upload arbitrary files.

This issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to upload and execute arbitrary script code in the context of the affected webserver process. This may help the attacker compromise the application; other attacks are possible.

This issue affects FarsiNews 3.0 Beta; other versions may also be affected.