CVE-2006-3040

Name of the Vulnerable Software and Affected Versions Amr Talkbox (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter in the talkbox.php file. However, it's noted that the $direct variable is set to a static value just before the include statement, which has led to a dispute over the validity of this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.