Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/artikel/.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6806)