CVE-2007-0370
CVE-2007-0370 describes an unrestricted file upload in index.php of phpBP RC3 (2.204) and earlier. A remote attacker can inject arbitrary PHP code into upload/banners/ by uploading a crafted filename (e.g., .jpg.vil.gif.php) via a banners add operation, causing the code to be stored under a diffe...