Nul800

**Name of the Vulnerable Software and Affected Versions** Umbraco versions prior to 7.2.0 **Description** The issue allows for remote PHP code execution due to the failure of Umbraco.Web.UI/config/umbracoSettings.Release.config to block the upload of .php files. **Recommendations** For versions prior to 7.2.0, update to version 7.2.0 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent the upload of .php files until a patch is applied.