• Software Link:
• Affected Versions:
Version 3.1.1 and probably other versions.
• Vulnerability Description:
The /system/controllers/ajax/attachments.php script does not properly validate the extension of uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP file.
No official solution is currently available.
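The following is an added example of how an attachment handler can validate uploads so that a renamed or double-extension PHP file is never accepted; it is not code from the affected product or from the advisory. The function names (validateAttachment, storeAttachment), the allowlist and the demo files are assumptions made for this illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical hardened attachment validator (added example, not the vendor's code).
// Only extensions in this allowlist are accepted; PHP and other executable types are never listed.
const ALLOWED_TYPES = [
    'pdf'  => ['application/pdf'],
    'png'  => ['image/png'],
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'txt'  => ['text/plain'],
];

/**
 * Validate an uploaded attachment and return a safe, server-chosen file name.
 * Throws RuntimeException on any failure. $tmpPath is the temporary file written
 * by PHP ($_FILES['file']['tmp_name']); $clientName is the name the client supplied.
 */
function validateAttachment(string $tmpPath, string $clientName): string
{
    // Strip any directory component and look at every dot-separated segment, so that
    // "shell.php.png" is rejected, not just a name whose last segment is "php".
    $base = basename($clientName);
    $segments = explode('.', strtolower($base));
    if (count($segments) < 2 || $segments[0] === '') {
        throw new RuntimeException('File name must have a base name and an extension');
    }
    foreach (array_slice($segments, 1) as $seg) {
        if (preg_match('/^ph(p[0-9]?|tml|ar|ps)$/', $seg)) {
            throw new RuntimeException('Executable extension rejected');
        }
    }
    $ext = end($segments);
    if (!isset(ALLOWED_TYPES[$ext])) {
        throw new RuntimeException("Extension .$ext is not in the allowlist");
    }
    // Check the actual content, not only the name: a PHP script renamed to .png fails here.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($tmpPath);
    if (!in_array($mime, ALLOWED_TYPES[$ext], true)) {
        throw new RuntimeException("Content type $mime does not match .$ext");
    }
    // The server picks the stored name; the client's name is never used on disk.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

/**
 * Move a validated upload into $storageDir, which must lie outside the web root
 * so that nothing stored there is ever served or executed as a script.
 */
function storeAttachment(string $tmpPath, string $clientName, string $storageDir): string
{
    $safeName = validateAttachment($tmpPath, $clientName);
    if (!is_uploaded_file($tmpPath) || !move_uploaded_file($tmpPath, $storageDir . '/' . $safeName)) {
        throw new RuntimeException('Upload could not be stored');
    }
    return $safeName;
}

// --- Offline demo with constructed files (not real HTTP uploads) ---
$png = tempnam(sys_get_temp_dir(), 'att');
file_put_contents($png, "\x89PNG\r\n\x1a\n" . "\x00\x00\x00\x0dIHDR" . str_repeat("\x00", 17));
$php = tempnam(sys_get_temp_dir(), 'att');
file_put_contents($php, "<?php echo 'x';");

$cases = [
    [$png, 'photo.png'],      // accepted: allowed extension, content is PNG
    [$php, 'shell.php.png'],  // rejected: executable segment in the name
    [$php, 'notes.png'],      // rejected: content is PHP, not image/png
    [$png, 'doc.php'],        // rejected: .php is not in the allowlist
];
foreach ($cases as [$path, $name]) {
    try {
        echo "$name -> stored as " . validateAttachment($path, $name) . "\n";
    } catch (RuntimeException $e) {
        echo "$name -> rejected: " . $e->getMessage() . "\n";
    }
}
unlink($png);
unlink($php);
```

The three checks work together: the allowlist decides which extensions may ever be stored, the per-segment scan defeats double extensions, and the finfo content check catches a script that was simply renamed. Keeping the storage directory outside the document root means that even a validation bypass leaves the attacker with a file the web server will not execute.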
• Disclosure Timeline:
[06/11/2013] – Vendor notified
[06/11/2013] – Vendor response stating “Please immediately cease and desist all such communications”
[05/12/2013] – Public disclosure
• CVE Reference:
Vulnerability discovered by Egidio Romano, Secunia Research.
• Original Advisory: