CVE-2023-53869

Name of the Vulnerable Software and Affected Versions WEBIGniter version 28.7.23

Description The software contains a file upload issue that permits authenticated attackers to upload and execute malicious PHP files via the media function. An attacker with any valid account can upload PHP scripts, leading to remote code execution on the application server.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict file upload functionality to trusted users only.