Rizgar

**Name of the Vulnerable Software and Affected Versions** Szymon Kosok Best Top List (affected versions not specified) **Description** The issue is related to an unrestricted file upload vulnerability in the banner-upload.php file. This allows remote attackers to upload and execute arbitrary PHP files in the banners/ directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pixlie version 1.7 **Description** The issue allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the `root` parameter. This can be leveraged for traffic amplification or other denial of service. **Recommendations** For Pixlie version 1.7, consider restricting access to the `pixlie.php` file or disabling the functionality that allows remote attackers to specify a URL in the `root` parameter until a patch is available.