CVE-2005-1604

PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.

Date published : 2005-05-16

http://www.securityfocus.com/bid/13542

http://seclists.org/lists/bugtraq/2005/May/0075.html