CVE-2006-6338
CVE-2006-6338 : Unrestricted file upload in the PHP script upload/index.php of the DZCP (deV!L`z Clanportal) prior to 1.3.6.1. An attacker can embed PHP code in a JPEG/GIF uploaded to inc/images/uploads/userpics/ and trigger remote code execution. The connected sources confirm the vulnerability p...