A vulnerability has been identified in IMAGIN, which could be exploited by attackers to compromise a vulnerable web server. This issue is caused by input validation errors in the "scripts_ralcr/filesystem/writeToFile.php" script that does not validate data supplied via the "raw_data" parameter before being written to a script specified via the "path" parameter, which could be exploited by remote attackers to inject and execute arbitrary PHP code with the privileges of the web server.
Vulnerable Products
Vulnerable Software: IMAGIN version 3 beta 5 and prior
