Unrated severityNVD Advisory· Published Apr 27, 2010· Updated Jun 16, 2026
CVE-2009-4819
CVE-2009-4819
Description
Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote attackers to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double extension, then accessing it via a direct request to the file in albums/userpics/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:stoverud:phphotoalbum:0.3:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:stoverud:phphotoalbum:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:stoverud:phphotoalbum:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:stoverud:phphotoalbum:0.5:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.