R00T.H4X0R

**Name of the Vulnerable Software and Affected Versions** Rezervi versions 3.0.2 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `root` parameter when `register globals` is enabled. This is a different vector than previously identified issues. **Recommendations** For Rezervi versions 3.0.2 and earlier, consider disabling the `register globals` setting to prevent exploitation until a patch is available. Additionally, restrict access to the `include/mail.inc.php` file to minimize the risk of arbitrary PHP code execution.