CVE-2005-1868

Name of the Vulnerable Software and Affected Versions I-Man versions 0.9 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. This can be done by exploiting the file upload functionality, potentially leading to code execution.

Recommendations For I-Man version 0.9 and earlier, consider restricting file uploads to prevent the execution of arbitrary PHP code until a patch is available. As a temporary workaround, disable the file upload feature to minimize the risk of exploitation.