CVE-2006-5546

Name of the Vulnerable Software and Affected Versions Open Tibia Server Content Management System (OTSCMS) versions 1.3.0 through 1.4.1

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][classes] parameter. This can be exploited by providing a malicious URL to the vulnerable parameter, potentially leading to the execution of unauthorized PHP code.

Recommendations For Open Tibia Server Content Management System (OTSCMS) versions 1.3.0 through 1.4.1, consider restricting access to the GLOBALS[config][otscms][directories][classes] parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.