xoops tad_uploader module upload vulnerability-vulnerability warning-the black bar safety net

Xoops is a very popular dynamic web content management system, with object-oriented PHP to write. xoops taduploader module catsn parameter space can be arbitrarily upload files to the uploads/taduploader/directory. Test code: FORM action='http://www.hackqing.cn/modules/taduploader/index.php'...