CVE-2006-4609

Name of the Vulnerable Software and Affected Versions PHProjekt version 0.6.1

Description The issue allows remote attackers to execute arbitrary PHP code via the path pre parameter in several PHP files, including cm lib.inc.php, doc/br.edithelp.php, doc/de.edithelp.php, doc/ct.edithelp.php, userrating.php, and listing.php, when register globals is enabled. However, the impact of some vectors has been disputed, with claims that the cm lib.inc.php vector is limited to local file inclusion and that the path pre variable is initialized before use in the other vectors.

Recommendations For PHProjekt version 0.6.1, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the affected PHP files until a patch is available. As a temporary workaround, avoid using the path pre parameter in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.