CVE-2008-1790

Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality.  NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.