CVE-2006-4075

Name of the Vulnerable Software and Affected Versions docpile:we versions 0.2.2 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the INIT PATH parameter to various PHP files, including "lib/folder.class.php", "lib/email.inc.php", "lib/document.class.php", and "lib/auth.inc.php".

Recommendations For docpile:we versions 0.2.2 and earlier, consider disabling the INIT PATH parameter until a patch is available to prevent remote attackers from executing arbitrary PHP code. Restrict access to the affected PHP files, including "lib/folder.class.php", "lib/email.inc.php", "lib/document.class.php", and "lib/auth.inc.php", to minimize the risk of exploitation.