CVE-2005-4211

Name of the Vulnerable Software and Affected Versions phpCOIN version 1.2.2

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the $ CCFG[ PKG PATH DBSE] variable in the coin includes/db.php file.

Recommendations For phpCOIN version 1.2.2, consider restricting access to the coin includes/db.php file to minimize the risk of exploitation. Avoid using the $ CCFG[ PKG PATH DBSE] variable in the affected file until the issue is resolved.