CVE-2007-3199

Name of the Vulnerable Software and Affected Versions: Link Request Contact Form version 3.4

Description: The issue allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension and an image content type, such as image/jpeg.

Recommendations: For version 3.4, consider restricting file uploads to only allow specific, non-executable file types, and validate the content type of uploaded files to prevent exploitation. As a temporary workaround, consider disabling the file upload feature until a patch is available.