PT-2006-1766 · Linpha · Linpha

Rgod · Published 2006-02-15 · Updated 2018-10-19 · CVE-2006-0713

CVSS v2.0: 5.0 Medium
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions
LinPHA version 1.0

Description
The issue allows remote attackers to include arbitrary files via .. (dot dot) sequences in the lang parameter in "docs/index.php" and the language parameter in "install/install.php", "install/sec_stage_install.php", "install/third_stage_install.php", and "install/forth_stage_install.php". This can lead to direct static code injection, as demonstrated by inserting PHP code into the username, which is then inserted into linpha.log, making it accessible through the directory traversal.

Recommendations
For LinPHA version 1.0, consider restricting access to the lang and language parameters in the affected PHP files until a patch is available. As a temporary workaround, avoid using the lang parameter in "docs/index.php" and the language parameter in the install scripts to minimize the risk of exploitation.
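
Added example (not part of the original advisory and not LinPHA code): a web access-log check for the requests described above. It flags `..` path segments, including percent-encoded and double-encoded forms, in the lang parameter of docs/index.php and the language parameter of the install scripts. The underscored install script names, the log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Script -> parameter pairs from the advisory. The underscored install
# script names are an assumption; the page may show them with spaces.
WATCHED = {"docs/index.php": "lang"}
for name in ("install", "sec_stage_install", "third_stage_install", "forth_stage_install"):
    WATCHED[f"install/{name}.php"] = "language"

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so %252e%252e is seen as '..'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment of the decoded value is exactly '..'."""
    return ".." in re.split(r"[\\/]", fully_decode(value))

def flag_line(line):
    """Return (script, parameter, value) for a suspicious request, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    for script, param in WATCHED.items():
        if not url.path.endswith("/" + script):
            continue
        # parse_qs removes one layer of percent-encoding itself.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            if has_traversal(value):
                return (script, param, value)
    return None

def scan(lines):
    return [hit for hit in map(flag_line, lines) if hit]

# Constructed access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [15/Feb/2006:10:00:00 +0000] "GET /linpha/docs/index.php?lang=german HTTP/1.1" 200 512',
    '203.0.113.5 - - [15/Feb/2006:10:00:05 +0000] "GET /linpha/docs/index.php?lang=..%2F..%2Flinpha.log HTTP/1.1" 200 512',
    '203.0.113.5 - - [15/Feb/2006:10:00:09 +0000] "GET /linpha/install/install.php?language=%252e%252e%255cx HTTP/1.1" 200 90',
    '203.0.113.5 - - [15/Feb/2006:10:00:12 +0000] "GET /linpha/index.php?lang=../x HTTP/1.1" 200 90',
]
```

Parameters sent in a POST body do not appear in access logs, so this check only sees values passed in the URL.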


Related Identifiers

CVE-2006-0713

Affected Products

Linpha