Phpecard · Phpecard · CVE-2006-4456
**Name of the Vulnerable Software and Affected Versions**
phpECard versions 2.1.4 and earlier
**Description**
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `include path` parameter in the functions.php file.
**Recommendations**
For phpECard versions 2.1.4 and earlier, update to a version later than 2.1.4 to resolve the issue.