Please see http://forums.cnet.com/7726-6132_102-5078545.html and http://packetstormsecurity.org/files/98311/sa43248.txt. php-ofc-library/ofc_upload_image.php allows malicious people to upload an arbitrary file to compromise the server. Hackers were able to compromise one of my sites with CiviCRM (which packages OpenFlashChart), using this vulnerability.
I would be willing to work on a patch, but I am not familiar with OpenFlashChart, or the purpose of ofc_upload_image.php. Would you be able to offer any guidance?