CVE-2008-7157
CVE-2008-7157 describes an unrestricted file upload in EkinBoard 1.1.0 and earlier . An attacker can upload an avatar file with an executable extension followed by a safe extension, then access it via a direct request to the file in uploaded/avatars/ to potentially execute arbitrary code. The pro...