Arbitrary File Upload Vulnerability in PHPKIT 1.6.6

Arbitrary File Upload Vulnerability in PHPKIT 1.6.6

CVE-2016-10758 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter.

Learn more about our Web Application Penetration Testing UK.