CVE-2008-7157 Information

Description

Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension then accessing it via a direct request to the file in uploaded/avatars/.

Reference

http://www.securityfocus.com/bid/27166 https://exchange.xforce.ibmcloud.com/vulnerabilities/39507 https://www.exploit-db.com/exploits/4859