CVE-2010-4313

Name of the Vulnerable Software and Affected Versions Orbis CMS version 1.0.2

Description The issue allows remote authenticated users to execute arbitrary code by uploading a .php file to the fileman file upload.php script and then accessing it via a direct request to the file in the uploads directory.

Recommendations For Orbis CMS version 1.0.2, consider restricting or disabling the file upload functionality in fileman file upload.php to prevent the execution of arbitrary code until a proper fix is available. Additionally, restrict access to the uploads directory to minimize the risk of exploitation.