[原文]L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files.
Discovery of this vulnerability credited to Ulf Harnhammar <email@example.com>.
Leszek Krupinski L-Forum 2.4 .0
Reportedly, L-Forum may disclose contents of arbitrary files to attackers. The file upload mechanism in L-Forum doesn't properly check the existence of four global variables (attachment, attachment_name, attachment_size and attachment_type) that are set for every uploaded file.
Thus an attacker may be able to obtain access to arbitrary system files.