Virtocommerce version Beta 2.0 suffers from an arbitrary file upload vulnerability.