CVE-2007-1604
Multiple unrestricted file upload vulnerabilities in w-Agora Web-Agora allow remote attackers to upload and execute arbitrary PHP code 1 via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or 2 by using browseavatar.php to upload a file with a double...