Metaforum : Security Vulnerabilities, CVEs,
Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension such as .php.
Max CVSS
7.5
EPSS Score
12.43%
Published
2007-03-20
Updated
2018-10-16
1 vulnerabilities found