BigACE 1.8.2 upload_form.php GLOBALS Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19723/info Bigace is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote PHP code and execute i...

CVE-2008-5220

The CVE-2008-5220 issue affects wPortfolio 0.3 and earlier . It is an unrestricted file upload vulnerability in admin/upload_form.php that allows remote attackers to achieve arbitrary code execution by uploading a file with an executable extension and then requesting it directly from admin/tmp/ ....