EIP-2026-108124

This is a writeup describing a file upload vulnerability in JomSocial 1.8.8 and earlier, allowing arbitrary file uploads if video uploads are enabled. The vulnerability was patched in version 1.8.9.