Arbitrary PHP File Upload and Execution in ReviewPost PHP Pro before 2.84

Arbitrary PHP File Upload and Execution in ReviewPost PHP Pro before 2.84

CVE-2005-0272 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.

Learn more about our Web Application Penetration Testing UK.