Vulnerability history

Local File Inclusion vulnerability

Authenticated (Subscriber+) Privilege Escalation via Account Takeover

Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Key Generation

CSRF to Arbitrary File Upload vulnerability

Arbitrary File Upload