CVE-2006-5131

Name of the Vulnerable Software and Affected Versions ph03y3nk just another flat file (JAF) CMS version 4.0 RC1

Description The issue allows remote attackers to execute arbitrary code within sections bounded by "", possibly due to a static code injection vulnerability involving admin/data inc.php.

Recommendations For ph03y3nk just another flat file (JAF) CMS version 4.0 RC1, consider restricting access to the module/shout/jafshout.php file and the admin/data inc.php script until a patch is available. As a temporary workaround, restrict the execution of code within sections bounded by "". At the moment, there is no information about a newer version that contains a fix for this vulnerability.