CVE-2006-2982

Name of the Vulnerable Software and Affected Versions Enterprise Timesheet and Payroll Systems (EPS) versions 1.1 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code. This is achieved via a URL in the absolutepath parameter in specific PHP files, including "footer.php" and "admin/footer.php".

Recommendations For Enterprise Timesheet and Payroll Systems (EPS) versions 1.1 and earlier, consider restricting access to the absolutepath parameter in the affected PHP files until a patch is available. As a temporary workaround, avoid using the absolutepath parameter in "footer.php" and "admin/footer.php" to minimize the risk of exploitation.