Tag
An unrestricted file upload vulnerability in Vvveb versions before 1.0.8.2 allows authenticated users with media upload permissions to achieve remote code execution by uploading a .htaccess file to execute arbitrary PHP code via a .phtml file.