CVE-2006-0164

Name of the Vulnerable Software and Affected Versions phgstats versions prior to 0.5.1

Description The issue allows remote attackers to include arbitrary files and execute arbitrary PHP code by modifying the PHGDIR variable, but only if register globals is enabled.

Recommendations For versions prior to 0.5.1, update to version 0.5.1 or later to resolve the issue. As a temporary workaround, consider disabling the register globals setting to minimize the risk of exploitation.