CVE-2008-6921

Name of the Vulnerable Software and Affected Versions: phpAdBoard version 1.8

Description: The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to index.php, then accessing it via a direct request to the file in the photoes/ directory. This is due to an unrestricted file upload vulnerability.

Recommendations: For phpAdBoard version 1.8, restrict file uploads to only allow non-executable file extensions to prevent arbitrary code execution. As a temporary workaround, consider restricting access to the photoes/ directory to minimize the risk of exploitation.