2012-08-30 22:00:00
mitre
PUBLISHED
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.