Description
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
Remediation
References
Related Vulnerabilities
XWiki Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2022-23619)
Oracle Database Server CVE-2006-3701 Vulnerability (CVE-2006-3701)
SharePoint NULL Pointer Dereference Vulnerability (CVE-2020-1069)
Sqlite Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-19646)