Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30889
http://www.securityfocus.com/bid/21595
http://www.securityfocus.com/archive/1/454385/100/0/threaded