CVE-2006-1668 Information

Description

newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php.

Reference

http://bash-x.net/undef/adv/craftygallery.html http://bash-x.net/undef/exploits/crappy_syntax.txt http://secunia.com/advisories/19478 http://www.osvdb.org/24387 http://www.securityfocus.com/bid/17379 http://www.vupen.com/english/advisories/2006/1239 https://exchange.xforce.ibmcloud.com/vulnerabilities/25655 https://www.exploit-db.com/exploits/1645