Posted by Egidio Romano on Dec 31

———————————————————————
Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability
———————————————————————

[-] Software Link:

http://osclass.org/

[-] Affected Versions:

Version 3.4.2 and probably prior versions.

[-] Vulnerability Description:

The vulnerable code is located in the /oc-includes/osclass/controller/contact.php script:…