2008-10-03 22:00:00
mitre
PUBLISHED
Unrestricted file upload vulnerability in upload.php in Phlatlines Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.