CVE-2007-0764 Information

Description

Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter which can be later accessed via a relative pathname in the dir parameter in adm.php.

Reference

http://osvdb.org/34669 https://exchange.xforce.ibmcloud.com/vulnerabilities/32189 https://www.exploit-db.com/exploits/3255