Mukund.S1337

**Name of the Vulnerable Software and Affected Versions** Clip Bucket version 5.5.2 Build#90 **Description** An issue allows a remote attacker to execute arbitrary code via the `file downloader.php` file and the `file` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ClipBucket versions prior to 5.5.0 **Description** An issue exists in ClipBucket that allows an unauthenticated attacker to upload arbitrary files via the `photo uploader.php` plupload endpoint due to missing access controls in the upload handler. **Recommendations** Update ClipBucket to a version newer than 5.5.0.