Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessing it via a direct request to the file in upload/.
CPE | Name | Operator | Version |
---|---|---|---|
webxell_editor | eq | 0.1.3 |