CVE-2006-5636

Name of the Vulnerable Software and Affected Versions: Simple Website Software (SWS) versions 0.99 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR parameter. This can be achieved by manipulating the URL to include malicious PHP code, which can then be executed by the server.

Recommendations: For Simple Website Software (SWS) versions 0.99 and earlier, as a temporary workaround, consider restricting access to the common.php file until a patch is available. Avoid using the SWSDIR parameter in URLs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.