PT-2009-5975 · Unknown · Mcshoutbox

Sirgod · Published 2009-10-16 · Updated 2017-09-19 · CVE-2009-3716

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

MCshoutbox version 1.1

Description

The issue allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to admin.php, then accessing it via a direct request to the file in smilies/.

Recommendations

For MCshoutbox version 1.1, consider restricting access to the admin.php file and the smilies/ directory to prevent exploitation until a patch is available. As a temporary workaround, avoid using the file upload feature in admin.php until the issue is resolved.

Weakness Enumeration

Related Identifiers

CVE-2009-3716

Affected Products

Mcshoutbox