CVE-2007-3429

Publication date

2007-06-27 00:00:00

Family

mitre

State

PUBLISHED

Description

Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg.