Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.
CPE | Name | Operator | Version |
---|---|---|---|
wportfolio | le | 0.3 | |
wportfolio | eq | 0.2 |