CVE-2017-7570

PivotX 2.3.11 allows remote authenticated Advanced users to execute arbitrary PHP code by performing an upload with a safe file extension such as .jpg and then invoking the duplicate function to change to the .php extension...

CVE-2017-7570

PivotX 2.3.11 is affected by a vulnerability where remote authenticated Advanced users can execute arbitrary PHP code. The issue arises when an attacker uploads a file with a safe extension (e.g., .jpg) and then uses a duplicate function to change the extension to .php. The provided documents ide...