CVE-2008-1866
The CVE-2008-1866 issue affects Blog Pixel Motion (PixelMotion), where admin/modif_config.php does not require admin authentication. This allows remote authenticated users to upload arbitrary PHP scripts inside a ZIP archive, which is written to templateZip/ and then automatically extracted under...