CVE-2007-0082

Name of the Vulnerable Software and Affected Versions IMGallery versions 2.5 and earlier

Description The issue arises from improper handling of files with multiple extensions in the users adm/start1.php file, allowing remote authenticated users to upload and execute arbitrary PHP scripts.

Recommendations For IMGallery versions 2.5 and earlier, consider restricting file uploads to only trusted users and validating file extensions to prevent the execution of arbitrary PHP scripts. As a temporary workaround, consider disabling the file upload feature in users adm/start1.php until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.