CVE-2011-4334

2017-10-23T14:29:00
ID CVE-2011-4334
Type cve
Reporter NVD
Modified 2017-10-25T07:57:51

Description

edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.