CVE-2006-2645

Name of the Vulnerable Software and Affected Versions Plume version 1.0.3

Description The issue allows remote attackers to execute arbitrary code via a URL in the PX config[manager path] parameter in the manager/frontinc/prepend.php file.

Recommendations For Plume version 1.0.3, consider restricting access to the manager/frontinc/prepend.php file to minimize the risk of exploitation. Avoid using the PX config[manager path] parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.