Description
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer, as used in Piwik 0.2.35 through 0.4.3, Woopra Analytics Plugin before 1.4.3.2, and possibly other products, when register_globals is enabled, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension through the name parameter with the code in the HTTP_RAW_POST_DATA parameter, then accessing it via a direct request to the file in tmp-upload-images/.
Remediation
Delete the file ofc_upload_image.php or apply the patch provided by the vendor.
References
Related Vulnerabilities
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.6.2)
WordPress Plugin PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload (1.0)
WordPress Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-14028)
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-15839)
WordPress Plugin Listing, Classified Ads & Business Directory-uListing Arbitrary File Upload (1.2.1)