Epractize · Epractize Labs Subscription Manager · CVE-2011-5136
**Name of the Vulnerable Software and Affected Versions**
EPractize Labs Subscription Manager version 1.0
**Description**
The issue allows remote attackers to overwrite arbitrary files. This is achieved via the `db` parameter in the `showImg.php` file.
**Recommendations**
For EPractize Labs Subscription Manager version 1.0, consider restricting access to the `showImg.php` file until a patch is available. As a temporary workaround, avoid using the `db` parameter in the affected file to minimize the risk of exploitation.