I've coded this fix myself, It uses a SQL DB to store file information.
At a future dat it will Allow, an Admin option to Enable/Disable Checks/Add/Remove Checks from the Admin Panel.
I searched files myself for the appropriate data. I have support for all the default Upload options Seditio allows for upload, and a couple extra.

This can also be used with and is HIGHLY RECOMMENDED for any plugin, that allows for uploading of files Images included.
You only need to call sed_file_check($filepath, $filename, $file_extension). If it is a Valid File it Retruns TRUE, non valid files return FALSE Invalid files create a Security warning logs.
Any file extension that is not an image, and not known in the SQL DB Will pass through as TRUE, but generate a log warning.

Please Backup all files before modifying them incase you do something wrong. This has been tested on Apache But not IIS or any other.

Also Apache users, need to make sure they have rar mimetype.

Open your .htacess and add this (dunno if IIS does it same or however) This will force any .rar files to be downloaded isntead of executing.
AddType application/x-rar rar
If you have Cpanel, you can go into it and choose Mime Type, and you should beable to add a custom Mimetype.
Mimetype is: application/x-rar
Extension is: rar
Regardless of if you provide any public accessable file uploads you should do this.

This has Currently only been tested with Seditio 121, If you try this on another version please let me know

• First off Open system/functions.php
• Find the following

  function sed_xp()
  	{
  	return ("<div><input type=\"hidden\" id=\"x\" name=\"x\" value=\"".sed_sourcekey()."\" /></div>");
  	}

• After it add the following

  /* ------------------ */
  
  function sed_file_check($path, $name, $ext)
  	{
  	    global $db_mime;
  	    $fcheck = FALSE;
  	    if(in_array($ext, array('jpg', 'jpeg', 'png', 'gif')))
  	        {
  	            switch($ext)
  					{
  						case 'gif':
  							$fcheck = @imagecreatefromgif($path);
  							break;
  						case 'png':
  							$fcheck = @imagecreatefrompng($path);
  							break;
  						default:
  							$fcheck = @imagecreatefromjpeg($path);
  							break;
  					}
  	            $fcheck = (!$fcheck) ? FALSE : TRUE;
  			}
  		else{
  	    		$sql_mime = sed_sql_query("SELECT * FROM $db_mime WHERE mime_ext='".$ext."'");
  	    		if(sed_sql_numrows($sql_mime) != 0)
  	    		    {
  						while ($row = sed_sql_fetcharray($sql_mime))
  							{
  							    $f = ((substr(phpversion(),0, 3)>="5.1")) ? '' : fopen($path, "rb");
  							    if(substr(phpversion(),0, 3) < "5.1") fseek($f, $row['mime_sbyte']);
  							    $ff = ((substr(phpversion(),0, 3)>="5.1")) ? '' : fread($f, $row['mime_bytelen']);
  								$content = (substr(phpversion(),0, 3)>="5.1") ? file_get_contents($path,0,NULL,$row['mime_sbyte'],$row['mime_bytelen']) : $ff ;
  								$content = ($row['mime_ishex']) ? bin2hex($content) : $content;
  								$row['mime_search'] = ($row['mime_ishex']) ? strtolower($row['mime_search']) : $row['mime_search'];
  								$i++;
  								if ($content == $row['mime_search'])
  									{
  										$fcheck = TRUE;
  										break;
  									}
  							}
                          $fclose = ((substr(phpversion(),0, 3)>="5.1")) ? '' : fclose($f);
  					}
  				else{
  				        $fcheck = TRUE;
  				        sed_log('Warning: No Mime Type data was found for the Extension: '.$ext.' Filename - '.$name, 'sec');
  					}
  			}
  		if(!$fcheck)
  		    {
  		        sed_log('Warning: File Check Failed for Extension '.$ext.' Filename - '.$name, 'sec');
  		    }
          return($fcheck);
     }

• Open core/lang/main.lang.php
• Find the following.

  $L['pfs_extallowed']

• After it add the following.

  $L['pfs_filenotvalid'] = "This is not a valid %1\$s file.";

  You can translate it, leave %1\$s This returns the extension of the file being upload
• Open system/core/pfs/pfs.inc.php
• Find the following.

  			$f_extension_ok = 0;

• After it add the following

  			$fcheck = sed_file_check($u_tmp_name, $u_name, $f_extension);
              if($fcheck)
                  {

• Then find the following

  				else
  					{
  					$disp_errors .= $L['pfs_filetoobigorext'];
  					}

• After it add the following.

  				}
  			else{
  			        $disp_errors .= sprintf($L['pfs_filenotvalid'], $f_extension);
  			    }

• Open datas/config.php
• Find the following.

  $db_users 			= 'sed_users';

• After it add the following.

  $db_mime 			= 'sed_mimetype';

• Now you need to run the following SQL

• CREATE TABLE sed_mimetype (
    mime_id int(10) unsigned NOT NULL auto_increment,
    mime_ext varchar(255) NOT NULL default '',
    mime_type varchar(255) NOT NULL default '',
    mime_search varchar(255) NOT NULL default '',
    mime_ishex tinyint(1) NOT NULL default '0',
    mime_sbyte varchar(255) NOT NULL default '',
    mime_bytelen varchar(255) NOT NULL default '',
    mime_isdisabled tinyint(1) NOT NULL default '0',
    mime_order smallint(4) NOT NULL default '1',
    PRIMARY KEY  (mime_id)
  ) ENGINE=MyISAM;
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('rar','application/x-rar', 'Rar!', '0', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('zip','application/zip', '504B03041400', '1', '0', '6', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('gz','application/x-gzip', '1F8B0800', '1', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('tar.gz','application/x-gzip', '1F8B0808', '1', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('pdf','application/pdf', '!!', '0', '0', '7', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('avi','video/avi', 'AVI', '0', '8', '3', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('avi','video/avi', 'RIFF', '0', '0', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('qt','video/quicktime', 'ftypqt', '0', '4', '6', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('qt','video/quicktime', 'moov', '0', '24', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mov','video/quicktime', 'ftypqt', '0', '4', '6', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mov','video/quicktime', 'moov', '0', '24', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mpg','video/mpeg', '000001BA', '1', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mpg','video/mpeg', '000001B3', '1', '0', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mpeg','video/mpeg', '000001BA', '1', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mpeg','video/mpeg', '000001B3', '1', '0', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('ogg','application/ogg', 'OggS', '0', '0', '4', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('mp3','audio/mpeg', 'ID3', '0', '0', '3', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('wav','audio/x-wav', 'WAVEfmt', '0', '8', '7', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('wav','audio/x-wav', 'RIFF', '0', '0', '4', '0', '2');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('wmv','video/x-ms-wmv', '3026B2758E66CF11A6D900AA0062CE6C', '1', '0', '16', '0', '1');
  INSERT INTO sed_mimetype (`mime_ext`,`mime_type`, `mime_search`, `mime_ishex`, `mime_sbyte`, `mime_bytelen`, `mime_isdisabled`, `mime_order`) VALUES ('bmp','image/bmp', 'BM', '0', '0', '2', '0', '1');

This should be all you need to do to fix it.
Check back for updates, as I will update, and ehnace this. If you need any help please post here
http://www.seditioforge.com/forums/plug-ins-and-modifications-s5.html

Fix Created by: Kilandor - Seditio Forge - A new path in Seditio Development