CVE-2006-0845

Name of the Vulnerable Software and Affected Versions Leif M. Wright's Blog version 3.5

Description The issue allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands. This can be achieved by configuring the sendmail path to a malicious pathname.

Recommendations For version 3.5, consider restricting access to the sendmail configuration to prevent malicious path configurations until a patch is available. As a temporary workaround, limit administrative privileges to trusted users to minimize the risk of exploitation.