FlatPress 1.0.3 CSRF Arbitrary File Upload

Summary FlatPress is a blogging engine that saves your posts as simple text files. Forget about SQL! You just need some PHP. Description The vulnerability is caused due to the improper verification of uploaded files via the Uploader script using 'upload' POST parameter which allows of arbitrary...