I would be willing to work on a patch, but I am not familiar with OpenFlashChart, or the purpose of ofc_upload_image.php. Would you be able to offer any guidance?
Thanks!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello,
Please see http://forums.cnet.com/7726-6132_102-5078545.html and http://packetstormsecurity.org/files/98311/sa43248.txt. php-ofc-library/ofc_upload_image.php allows malicious people to upload an arbitrary file to compromise the server. Hackers were able to compromise one of my sites with civiCRM (which packages OpenFlashChart), using this vulnerability.
I would be willing to work on a patch, but I am not familiar with OpenFlashChart, or the purpose of ofc_upload_image.php. Would you be able to offer any guidance?
Thanks!