CVE-2008-6612

Name of the Vulnerable Software and Affected Versions Minimal ABlog version 0.4

Description The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the admin/uploader.php script, and then accessing it via a direct request to the file in the img/ directory.

Recommendations For Minimal ABlog version 0.4, consider restricting or disabling the file upload functionality in admin/uploader.php until a patch is available to prevent remote attackers from executing arbitrary code.