File Upload component in Projects World House Rental v1.0 suffers from an arbitrary file upload vulnerability with regular users, which allows remote attackers to conduct code execution.