Tag
HS Brand Logo Slider version 2.1 contains an unrestricted file upload vulnerability (CVE-2020-37227) allowing authenticated users to bypass client-side validation and upload arbitrary files, leading to remote code execution by intercepting upload requests and renaming files to executable extensions.