CVE-2006-4987

Name of the Vulnerable Software and Affected Versions Wili-CMS (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the globals[content dir] parameter in several PHP files, including example-view/templates/article.php, example-view/templates/root.php, and example-view/templates/dates list.php.

Recommendations For Wili-CMS, consider restricting access to the globals[content dir] parameter in the affected PHP files until a patch is available. As a temporary workaround, avoid using the globals[content dir] parameter in the example-view/templates/article.php, example-view/templates/root.php, and example-view/templates/dates list.php files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.