CVE-2006-5948

Name of the Vulnerable Software and Affected Versions phpPeanuts versions 1.1 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter. This is a result of a PHP remote file inclusion vulnerability in the pntUnit/Inspect.php file.

Recommendations For phpPeanuts versions 1.1 and earlier, consider disabling the Include parameter in the pntUnit/Inspect.php file until a patch is available. Restrict access to the pntUnit/Inspect.php file to minimize the risk of exploitation. Avoid using the Include parameter in the affected API endpoint until the issue is resolved.