CVE-2006-2330
CVE-2006-2330 affects PHP-Fusion 6.00.306 and earlier running on Apache 1.3.27 with PHP 4.3.3. The vulnerability arises in the file-upload validation logic, where a filename containing two or more extensions ending with an assumed-valid extension (e.g., .gif) can bypass validation. An authenticat...