Design/Logic Flaw

uploadimg.php in the Automatic Image Upload with Thumbnails imgUpload module 1.3.2 for PunBB only verifies the Content-type field of uploaded files, which allows remote attackers to upload and execute arbitrary content via a file with a 1 JPG, 2 GIF, or 3 PNG MIME type...