PT-2005-3504 · Comsenz · Discuzx

Published 2005-08-17 · Updated 2008-09-05 · CVE-2005-2614

CVSS v2.0: 7.5 High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Discuz! version 4.0 rc4

Description: The issue allows remote attackers to execute arbitrary commands by uploading files with specific multiple extensions, such as ".php.rar", which are not properly restricted by the software.

Recommendations: For Discuz! version 4.0 rc4, consider restricting file uploads to only allow specific, safe file types to prevent arbitrary command execution. As a temporary workaround, restrict access to file upload functionality until a proper fix is applied.
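
One way to apply the recommended restriction, as an added example in PHP that is not Discuz! code: an allowlist check that inspects every dot-separated segment of the uploaded name, so names like ".php.rar" are refused. The function names and the extension list are assumptions chosen for illustration.

```php
<?php
// Added example (hypothetical helpers, not taken from Discuz!).

// Assumption: these are the only attachment types the forum needs.
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'txt', 'pdf', 'zip', 'rar'];

/**
 * Accept a client-supplied file name only if it has a base name and
 * every extension segment after it is on the allowlist.
 */
function is_safe_upload_name(string $clientName): bool
{
    // Drop any directory part the client sent; handle both separators.
    $name = basename(str_replace('\\', '/', $clientName));

    // Reject empty names and control characters (including NUL bytes).
    if ($name === '' || preg_match('/[\x00-\x1f\x7f]/', $name)) {
        return false;
    }

    // "shell.php.rar" -> base "shell", segments ["php", "rar"].
    $segments = explode('.', $name);
    $base = array_shift($segments);
    if ($base === '' || count($segments) === 0) {
        return false; // dotfiles such as ".htaccess", or no extension at all
    }

    // Checking only the last segment is what lets ".php.rar" through.
    foreach ($segments as $segment) {
        if (!in_array(strtolower($segment), ALLOWED_EXTENSIONS, true)) {
            return false;
        }
    }
    return true;
}

/** Build the on-disk name server-side so no client-chosen segment is stored. */
function storage_name(string $clientName): string
{
    if (!is_safe_upload_name($clientName)) {
        throw new InvalidArgumentException('upload rejected');
    }
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample names, not taken from any real incident.
foreach (['photo.JPG', 'archive.rar', 'shell.php.rar', 'shell.php', '.htaccess', 'notes'] as $n) {
    printf("%-14s %s\n", $n, is_safe_upload_name($n) ? 'accept' : 'reject');
}
```

Only the first two sample names are accepted. The name check complements, and does not replace, storing uploads in a location the web server does not execute scripts from.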

Related Identifiers: CVE-2005-2614

Affected Products: Discuzx