CVE-2006-2695
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory.
Date published : 2006-05-31
http://pridels0.blogspot.com/2006/05/dgnews-v-15-file-upload-vuln.html