Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi 1.11 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
CPE | Name | Operator | Version |
---|---|---|---|
wikkitikkitavi | eq | 1.11 |