Bts Gi · Bts-Gi Read Excel · CVE-2010-0279
**Name of the Vulnerable Software and Affected Versions**
BTS-GI Read excel version 1.1
**Description**
The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the `upload.php` file, and then accessing it via a direct request.
**Recommendations**
For version 1.1, restrict access to the `upload.php` file to prevent unauthorized file uploads, and consider implementing validation to prevent uploading files with executable extensions as a temporary workaround until a patch is available.