PT-2006-6187 · Softerra · Softerra Php Developer Library

Mp

Published: 2006-10-24 · Updated: 2017-10-19 · CVE-2006-5472

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Softerra PHP Developer Library version 1.5.3 and earlier

Description

The issue allows remote attackers to execute arbitrary PHP code via a URL in the lib dir parameter in files such as 'lib/registry.lib.php', 'lib/sqlcompose.lib.php', and 'lib/sqlsearch.lib.php'.

Recommendations

For Softerra PHP Developer Library version 1.5.3 and earlier, consider restricting access to the lib dir parameter in the affected files until a patch is available. As a temporary workaround, avoid using the lib dir parameter with untrusted input in the API endpoints related to these files.

Exploit

Fix


Related identifiers

CVE-2006-5472

Affected products

Softerra Php Developer Library