Li4U

**Name of the Vulnerable Software and Affected Versions** Wedding Planner version 1.0 **Description** The issue is related to an arbitrary file upload vulnerability in the /Wedding-Management-PHP/admin/photos add.php component. This allows attackers to execute arbitrary code via a crafted PHP file. **Recommendations** For Wedding Planner version 1.0, consider restricting access to the /Wedding-Management-PHP/admin/photos add.php component to prevent arbitrary file uploads until a fix is available. As a temporary workaround, disabling the file upload functionality in this component can help minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wedding Planner version 1.0 **Description** The issue is related to an arbitrary file upload vulnerability in the /admin/users add.php component. This allows attackers to execute arbitrary code via a crafted PHP file. **Recommendations** For Wedding Planner version 1.0, consider disabling the file upload functionality in the /admin/users add.php component until a patch is available. Restrict access to this component to minimize the risk of exploitation.