PHPizabi v0.848b (file.php) Unrestricted File Upload Vulnerability

Description:

PHPizabi is prone to a vulnerability that lets remote attackers to upload and execute arbitrary PHP code. The vulnerability is caused due to an error in the handling of file uploads in the modules/interact/file.php script.

References:

BID-34255
EDB-8287

Disclosure Date:

March 25, 2009