CVE-2001-1020

Name of the Vulnerable Software and Affected Versions Vibechild Directory Manager versions prior to 0.91

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile name parameter, which is sent unfiltered to the PHP passthru function.

Recommendations For versions prior to 0.91, update to version 0.91 or later to resolve the issue. As a temporary workaround, consider filtering or validating the userfile name parameter to prevent the injection of shell metacharacters. Restrict access to the edit image.php file to minimize the risk of exploitation.