CVE-2006-6392

Name of the Vulnerable Software and Affected Versions plx Pay versions 3.2 and earlier

Description The issue allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the read parameter of index.php. This could lead to the exposure of user credentials and other sensitive data.

Recommendations For plx Pay versions 3.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.