CVE-2006-0636

Name of the Vulnerable Software and Affected Versions eyeOS versions 0.8.9 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables. This is demonstrated using PHP code in the SESSION[apps][eyeOptions.eyeapp][wrapup] variable.

Recommendations For eyeOS versions 0.8.9 and earlier, consider updating to a version where this issue is fixed, as the current version allows for the execution of arbitrary PHP code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.