The vulnerability of the openregion.security module of the “Open Region” platform, which arises due to insufficient validation of input data, allows attackers to execute arbitrary code or carry out cross-site scripting attacks.

The vulnerability of the “Open Region” platform exists due to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or perform a cross-site scripting attack by uploading files with extensions .pht, .php7, .php5, .php3, .php4,...