Arbitrary PHP File Upload Vulnerability in LabWiki 1.1 and Earlier
CVE-2011-4334 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.
Learn more about our User Device Pen Test.