Noislet

**Name of the Vulnerable Software and Affected Versions** AROUNDMe versions 0.6.9 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved by providing a URL in the `templatePath` parameter in files such as template/barnraiser 01/pol view.tpl.php and other unspecified PHP scripts. **Recommendations** For AROUNDMe versions 0.6.9 and earlier, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the `templatePath` parameter in affected PHP scripts until a fix is available.