CVE-2007-3773
Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators.
Date published : 2007-07-15
http://www.securityfocus.com/archive/1/473192/100/0/threaded