CVE-2005-4814

Name of the Vulnerable Software and Affected Versions Segue CMS versions prior to 1.3.6

Description The issue allows remote attackers to upload and execute arbitrary PHP code. This is possible when the Apache HTTP Server handles .phtml files with the PHP interpreter, and .phtml files are placed in the userfiles/ directory.

Recommendations For versions prior to 1.3.6, update to version 1.3.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the userfiles/ directory to minimize the risk of exploitation.