CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

PT-2024-27796 · Unknown · Itsourcode Online Discussion Forum Project

Name of the Vulnerable Software and Affected Versions: Itsourcecode Online Discussion Forum Project version 1.0 Description: A remote attacker can execute arbitrary code via the "sendreply.php" file due to a File Upload vulnerability. The uploaded file is received using the $FILES variable. This...