2 matches found
Unrestricted file upload
Unrestricted file upload vulnerability in the fileupload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file...
CVE-2008-1988
CVE-2008-1988 describes an unrestricted file upload in EncapsGallery 2.0.2. The flaw exists in the file_upload function of core/misc.class.php, allowing remote authenticated administrators to upload and execute arbitrary PHP files by using an executable extension, then accessing the file directly...