CVE-2006-0940

Name of the Vulnerable Software and Affected Versions ShoutLIVE version 1.1.0

Description The issue concerns direct static code injection vulnerabilities in the savesettings.php file. Remote attackers can execute arbitrary PHP code via variables written to settings.php.

Recommendations For ShoutLIVE version 1.1.0, consider restricting access to the savesettings.php file and settings.php to minimize the risk of exploitation until a patch is available. Avoid using variables that can be manipulated by remote attackers in the savesettings.php file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.