CVE-2006-6869

Name of the Vulnerable Software and Affected Versions: MDForum versions 2.0.1 and earlier

Description: A directory traversal issue exists when magic quotes gpc is disabled and register globals is enabled, allowing remote attackers to include and execute arbitrary local files. This can be achieved by using a .. (dot dot) in the PNSVlang cookie to error.php. Attackers can inject PHP sequences into an Apache HTTP Server log file, which is then included by error.php.

Recommendations: For MDForum versions 2.0.1 and earlier, consider disabling the register globals setting and enabling magic quotes gpc to mitigate the risk of exploitation. As a temporary workaround, restrict access to the error.php file and avoid using the PNSVlang cookie until a patch is available.