Dentrasi

Name of the Vulnerable Software and Affected Versions: New Earth Programming Team (NEPT) imgupload (aka Image Uploader) version 1.0 Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request. This can be achieved by uploading a file with a content type such as `image/jpeg`. Recommendations: For New Earth Programming Team (NEPT) imgupload (aka Image Uploader) version 1.0, consider restricting or disabling the file upload functionality in `uploadp.php` until a proper fix is available to prevent remote attackers from executing arbitrary code. Additionally, restrict access to uploaded files to minimize the risk of exploitation.