Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1230)