CVE-2008-4509

Name of the Vulnerable Software and Affected Versions: FOSS Gallery Admin and FOSS Gallery Public version 1.0 beta

Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the processFiles.php script, and then accessing it via a direct request to the file in the root directory.

Recommendations: For version 1.0 beta, restrict access to the processFiles.php script to prevent unauthorized file uploads, and consider implementing validation to only allow uploading of files with specific, non-executable extensions until a patch is available.