CVE-2006-6043

Name of the Vulnerable Software and Affected Versions Oliver (formerly Webshare) versions 1.2.2 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a UNC share pathname or a local file pathname in the conf[motdfile] parameter, which is accessed by the file exists function.

Recommendations For Oliver (formerly Webshare) versions 1.2.2 and earlier, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the conf[motdfile] parameter to minimize the risk of arbitrary PHP code execution. Avoid using the conf[motdfile] parameter with untrusted input until the issue is resolved.