Sysbug

Name of the Vulnerable Software and Affected Versions: e107 versions prior to 0.617 Description: The issue allows remote attackers to execute arbitrary code by uploading a PHP file via the `upload` parameter to "images.php". This is due to the improper checking of uploaded file types by ImageManager. Recommendations: For versions prior to 0.617, update to version 0.617 or later to resolve the issue. As a temporary workaround, consider restricting access to the "images.php" endpoint or disabling the file upload functionality via the `upload` parameter until a patch is available.