Description
Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file. NOTE: the vendor disputes the significance of this issue, noting that "an odd set of preferences and a missing file" are required.
Remediation
References
Related Vulnerabilities
WordPress Plugin Wow Viral Signups SQL Injection (2.1)
WordPress Plugin Build App Online SQL Injection (1.0.18)
WordPress Plugin ReviewX-Multi-criteria Rating & Reviews for WooCommerce SQL Injection (1.6.8)
Nginx CVE-2013-2070 Vulnerability (CVE-2013-2070)
Oracle Application Server Other Vulnerability (CVE-2005-3453)