Secunia Research has discovered a vulnerability in Pulse CMS, which can be exploited by malicious users to compromise a vulnerable system. An error in the validation of uploaded image files can be exploited to upload files with an arbitrary extension to a folder within the web root. This can be exploited to upload and execute arbitrary PHP code. Successful exploitation requires authentication. Pulse CMS basic versions 1.2.2 and 1.2.3 are affected.
7d348c77d45817a884d675117e36f8fbe660f2d54052eb709596734c4376654d