CVE-2006-7132

Name of the Vulnerable Software and Affected Versions PHPMyDesk version 1.0beta

Description A directory traversal issue exists, allowing remote attackers to include arbitrary local files. This is achieved by manipulating the pmdlang parameter in the "viewticket.php" endpoint.

Recommendations For PHPMyDesk version 1.0beta, as a temporary workaround, consider restricting access to the viewticket.php endpoint until a patch is available. Additionally, avoid using the pmdlang parameter in the affected endpoint until the issue is resolved.