PT-2005-2583 · Php · Phpatm
Published: 2005-05-16 · Updated: 2018-10-19 · CVE-2005-1604
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
PHP Advanced Transfer Manager (phpATM) version 1.21
Description
The issue allows remote attackers to upload arbitrary files, potentially leading to the execution of arbitrary PHP code. This can be achieved by using filenames that contain multiple file extensions.
Recommendations
For PHP Advanced Transfer Manager (phpATM) version 1.21, consider restricting file uploads to only allow specific, trusted file extensions as a temporary workaround until a patch is available. Additionally, restrict access to the file upload functionality to minimize the risk of exploitation.
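The extension restriction recommended above only helps if it inspects the whole filename rather than just the final suffix. The following check is an added example, not phpATM code; the function name `safe_upload_name`, the allowlist and the sample filenames are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist for this example; adjust to what the deployment needs.
const ALLOWED_EXTENSIONS = ['jpg', 'png', 'gif', 'pdf', 'txt', 'zip'];

/**
 * Returns a server-generated storage name for an upload, or null when the
 * client-supplied filename must be rejected.
 */
function safe_upload_name(string $clientName): ?string
{
    // Keep only the final path component, whichever separator the client used.
    $base = basename(str_replace('\\', '/', $clientName));

    // Reject empty names and names containing NUL or other control characters.
    if ($base === '' || preg_match('/[\x00-\x1f\x7f]/', $base)) {
        return null;
    }

    // Require exactly one extension: "name.ext". Anything with more dots
    // (multiple extensions, trailing dot, dotfiles) is refused outright.
    $parts = explode('.', $base);
    if (count($parts) !== 2 || $parts[0] === '') {
        return null;
    }

    $ext = strtolower($parts[1]);
    if (!in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return null;
    }

    // Never store under the client's name; generate one on the server.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample filenames, not taken from the advisory.
$samples = ['photo.jpg', 'REPORT.PDF', 'notes.php.txt', 'image.jpg.php',
            '.htaccess', 'archive.zip.', '../../upload.png', 'script.phtml'];

foreach ($samples as $name) {
    $stored = safe_upload_name($name);
    printf("%-20s => %s\n", $name, $stored ?? 'REJECTED');
}
```

Storing uploads outside the web root, or in a directory where the server does not execute scripts, complements this check.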
Affected Products
Phpatm