CVE-2006-5613

Name of the Vulnerable Software and Affected Versions: MP3 Streaming DownSampler (mp3SDS) version 3.0

Description: The issue allows remote attackers to execute arbitrary PHP code via the fullpath parameter in Core/core.inc.php when register globals is enabled.

Recommendations: For MP3 Streaming DownSampler (mp3SDS) version 3.0, consider disabling the register globals setting to prevent exploitation. As a temporary workaround, restrict access to the Core/core.inc.php file to minimize the risk of exploitation. Avoid using the fullpath parameter in the affected PHP code until the issue is resolved.