CVE-2004-1408 - Defamatory Outline

Description

The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames which allows remote attackers to upload and execute arbitrary files.

Reference

http://www.securityfocus.com/bid/11990 http://marc.info/?l=bugtraq&m=110323479715051&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18531