Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jetbox_one_cms | Jetbox | 2.0.8 (including) | 2.0.8 (including) |