Arbitrary Code Execution via ImageManager in e107
CVE-2004-2262 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
Learn more about our Web Application Penetration Testing UK.