Phphotoalbum · Phphotoalbum · CVE-2009-4819
**Name of the Vulnerable Software and Affected Versions**
PHPhotoalbum (affected versions not specified)
**Description**
The issue concerns unrestricted file upload vulnerabilities in the upload.php file of PHPhotoalbum. Remote attackers can execute arbitrary code by uploading a file with a double extension, such as `.php.pgif` or `.php.pjpeg`, and then accessing it directly in the `albums/userpics/` directory.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.