ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2013-10040

ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/charts/ofc-library/. This endpoint allows unauthenticated users to upload arbitrary files including executable PHP scripts. Once uploaded the attacker can access the file via a predictable path and trigger remote code execution.