PT-2006-3538 · Dschat · Dschat

Published: 2006-05-25 · Updated: 2017-07-20 · CVE-2006-2592

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

DSChat version 1.0

Description

The issue allows remote attackers to execute arbitrary PHP code via the Nickname field. This field is not sanitized before creating a file in a user directory.

Recommendations

For DSChat version 1.0, consider sanitizing the Nickname field to prevent the execution of arbitrary PHP code. As a temporary workaround, restrict access to the file creation functionality in user directories until a proper fix is applied.
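
One way to apply the sanitizing recommendation, as an added example (not DSChat's own code, which this entry does not show). It assumes the nickname may end up in the file name or in the file contents; `USER_DIR`, `validate_nickname()` and `create_user_file()` are hypothetical names, and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical storage directory (assumption); ideally outside the web root.
const USER_DIR = __DIR__ . '/chat_users';

/** Return the nickname if it matches a strict allowlist, otherwise null. */
function validate_nickname(string $raw): ?string
{
    $nick = trim($raw);
    // Letters, digits, underscore and hyphen only, 1 to 20 characters.
    // This excludes '<', '?', '.', '/', '\' and NUL, so the value cannot
    // carry PHP tags, a file extension or a path separator.
    return preg_match('/\A[A-Za-z0-9_-]{1,20}\z/', $nick) === 1 ? $nick : null;
}

/** Create or append to the per-user file; returns the path, or null if rejected. */
function create_user_file(string $rawNick, string $message): ?string
{
    $nick = validate_nickname($rawNick);
    if ($nick === null) {
        return null; // reject instead of trying to "clean" the value
    }
    if (!is_dir(USER_DIR) && !mkdir(USER_DIR, 0700, true)) {
        throw new RuntimeException('cannot create user directory');
    }
    // The extension is fixed by the application, never taken from input,
    // so the web server does not hand the file to the PHP interpreter.
    $path = USER_DIR . '/' . $nick . '.txt';
    // Encode what is written too, so stored text stays inert if it is
    // later rendered in an HTML page.
    $line = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
    if (file_put_contents($path, $line, FILE_APPEND | LOCK_EX) === false) {
        throw new RuntimeException('write failed');
    }
    return $path;
}

// Constructed sample inputs: one valid nickname and three that must be rejected.
foreach (['alice_01', '../index', 'bob.php', str_repeat('a', 21)] as $candidate) {
    $result = create_user_file($candidate, 'hello <b>world</b>');
    printf("%-26s => %s\n", json_encode($candidate), $result ?? 'rejected');
}
```

Rejecting on an allowlist is preferable to stripping characters, because a stripped value can still collapse into something dangerous.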

Fix


Related identifiers

CVE-2006-2592

Affected products

Dschat