CVE-2006-3608
The CVE-2006-3608 entry concerns Simone Vellei Flatnuke 2.5.7 and earlier. When Gallery uploads are enabled, the product does not restrict file extensions for uploads that begin with a GIF header, allowing remote authenticated users to execute arbitrary PHP code via an uploaded .php file. The NVD...