CVE-2013-4898
CVE-2013-4898 : Unrestricted file upload in SocialEngine Timeline Plugin 4.2.5p9 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then retrieving it from public/temporary/timeline/. The vulnerability stems from accepting uploaded files ...