CVE-2008-1495 Information

Description

Unrestricted file upload vulnerability in administrer/produits.php in PEEL possibly 3.x and earlier allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action as demonstrated by (1) image/gif and (2) application/pdf.

Reference

http://realn.free.fr/releases/70207 http://secunia.com/advisories/29466 http://www.securityfocus.com/bid/28346 https://exchange.xforce.ibmcloud.com/vulnerabilities/41354 https://www.exploit-db.com/exploits/5281