cpe:/a:scriptsfeed:auto_classifieds:- CVE-2008-6944 2009-08-12T06:30:00.610-04:00 2017-09-28T21:33:26.417-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-08-12T08:39:00.000-04:00 ALLOWS_OTHER_ACCESS BID 32293 SECUNIA 32690 OSVDB 49960 EXPLOIT-DB 7111 XF autoclassifiedssoftware-image-file-upload(46608) Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in cars_images/.