CVE-2006-6765

Name of the Vulnerable Software and Affected Versions: Pagetool version 1.07

Description: The issue allows remote attackers to execute arbitrary PHP code. This can be achieved via a local filename or FTP/share URI in the config file parameter or a URL in the ptconf[src] parameter.

Recommendations: For Pagetool version 1.07, consider disabling the pt upload.php file in the src/admin directory until a patch is available. Restrict access to the config file and ptconf[src] parameters to minimize the risk of exploitation.