2005-11-23 04:00:00
mitre
PUBLISHED
Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files.