Information from Dojin Club MICMNIS
Vulnerability ID:JVN#00095004
Title:Multiple vulnerabilities in phpUploader
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Vulnerability Affected Versions
- All versions of phpUploader v1.2 and earlier
Countermeasure
- Update to phpUploader v1.2.1.
The method to check the affected version is not provided until v1.2. If the credit in the lower right corner of the top page is as follows, it is all v1.2 or earlier.
@shimosyan/phpUploader (GitHub)
How to update
First, back up your configuration file (. /config/config.php).
If you are using a product prior to version 1.0, please delete all software data including database files before installing this countermeasure version.
If you are using a product with version 1.0 or later, delete the software itself before installing this countermeasure version.
Finally, add each value of the backed up configuration file to the newly installed configuration file (. /config/config.php).