RSS   Vulnerabilities for 'Phphotoalbum'   RSS

2010-04-27
 
CVE-2009-4819

CWE-Other
 

 
Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote attackers to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double extension, then accessing it via a direct request to the file in albums/userpics/.

 


Copyright 2024, cxsecurity.com

 

Back to Top