Home > Content Management, File Inclusion > e107 Radio Plan Plugin Arbitrary File Upload Vulnerability

e107 Radio Plan Plugin Arbitrary File Upload Vulnerability

June 30th, 2012

Application: e107
Affected Version: version 2.06 and other versions.
Vendor’s URL: Radio Plan Plugin
Bug Type: File Upload
Risk Level: Critical

Solution:
Restrict access to the e107_plugins/radio_plan/admin/upload.php script (e.g. via .htaccess).

Content Management, File Inclusion

Comments are closed.