Some pages contain input from the user that is un- validated. This could possibly be used to execute arbitrary code on the server, with server permissions.
The pages concerned are primarily the 'submit image' page, and others.
Log in to post a comment.
