CVE-2020-20588 Information

Description

File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.

Reference

https://github.com/zhimengzhe/iBarn/issues/13