Description
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
Remediation
Delete the file ofc_upload_image.php or apply the patch provided by the vendor.
References
Related Vulnerabilities
WordPress Plugin RokIntroScroller Multiple Vulnerabilities (1.8)
WordPress Plugin Buddy Share It Allusers FB YR Arbitrary File Upload (3.2.8)
WordPress Plugin Lazy SEO Arbitrary File Upload (1.3.2)
Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11817)
WordPress Plugin WordPress File Upload Arbitrary File Upload (3.4.0)