CVE-2007-4026

Name of the Vulnerable Software and Affected Versions: epesi framework versions prior to 0.8.6

Description: The issue allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature, due to improper verification of file extensions.

Recommendations: For versions prior to 0.8.6, update to version 0.8.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the gallery images upload feature until the update is applied.