2021-10-08 15:15:36
twcert
PUBLISHED
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.