CVE-2005-4423

Name of the Vulnerable Software and Affected Versions PHPFM versions prior to 0.2.3

Description The issue allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory. This can be achieved by uploading a file with a .php extension.

Recommendations For versions prior to 0.2.3, update to version 0.2.3 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only allowed extensions and disabling the execution of files in accessible directories.