Publish-It is prone to a (client side) security vulnerability when processing .PUI files. This vulnerability could be exploited by a remote malicious user to execute arbitrary code on the target machine, by enticing the user of Publish-It to open a specially crafted .PUI file. Version 3.6d is affected.