Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file in admin/banners/.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation8 reference(s) from NVD