CVE-2008-6084 – Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2008-6084

06 Feb 2009 — Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory. Vulnerabilidad de actualización de archivo en pages/download.php en Iamma Simple Gallery v1.0 y v2.0 permite a atacantes remotos ejecutar código PHP de su elección subiendo un fichero con una extensión ejecutable, entonces accediendo ... • https://www.exploit-db.com/exploits/6803 • CWE-20: Improper Input Validation •