CVE-2005-0513

Name of the Vulnerable Software and Affected Versions pMachine Pro versions 2.4 and possibly other versions including pMachine Free

Description The issue allows remote attackers to execute arbitrary PHP code by directly requesting mail autocheck.php and modifying the pm path parameter to reference a URL on a remote web server that contains the code.

Recommendations For pMachine Pro version 2.4, consider restricting access to the mail autocheck.php file until a fix is available. Avoid using the pm path parameter in the affected mail autocheck.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.