CVE-2006-2392

Name of the Vulnerable Software and Affected Versions PHP Blue Dragon Platinum version 2.8.0

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter in the public includes/pub popup/popup finduser.php file.

Recommendations For PHP Blue Dragon Platinum version 2.8.0, consider restricting access to the public includes/pub popup/popup finduser.php file until a patch is available. As a temporary workaround, avoid using the vsDragonRootPath parameter in the affected file to minimize the risk of exploitation.