CVE-2009-1659
CVE-2009-1659 describes an unrestricted file upload in eLitius 1.0, via admin/uploadimage.php. Attackers could upload an avatar file (e.g., image/gif), bypass access restrictions, then request the uploaded file under admin/banners/ to execute arbitrary files. The documents do not provide remediat...