CVE-2008-0233
Zero CMS 1.0 Alpha and earlier are affected by an unrestricted file upload vulnerability in the avatar upload feature (Content-Type: image/jpeg). This allows remote attackers to bypass access restrictions and upload/execute arbitrary files. Exploitation details are referenced in public advisories...