CVE-2023-3491
CVE-2023-3491 affects FossBilling (fossbilling/fossbilling) prior to version 0.5.3. The underlying issue is unrestricted upload of a file with a dangerous type in the theme admin flow, enabling an arbitrary PHP file to be uploaded (as shown in PoC evidence). This leads to remote code execution ri...