CVE-2008-7157

Name of the Vulnerable Software and Affected Versions EkinBoard versions 1.1.0 and earlier

Description The issue allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.

Recommendations For versions 1.1.0 and earlier, consider restricting or disabling the file upload feature, especially for avatar files, until a proper fix is applied to prevent remote code execution.