2006-05-31 14:00:00
mitre
PUBLISHED
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory.