CVE-2006-7047

Name of the Vulnerable Software and Affected Versions Shoutpro version 1.0

Description The issue allows remote attackers to bypass IP ban restrictions. This is achieved by providing a URL in the path parameter that points to an alternate bannedips.php file. It was initially reported as a potential remote file inclusion issue, but further analysis indicates it cannot be used for code execution.

Recommendations For Shoutpro version 1.0, consider restricting access to the include.php file to prevent bypassing IP ban restrictions until a fix is available. As a temporary workaround, restrict the use of the path parameter to minimize the risk of exploitation.