PT-2007-1315 · Andys · Andys Chat
Spc-X · Published 2007-02-23 · Updated 2018-10-16 · CVE-2006-7036
CVSS v2.0: 10 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Andys Chat version 4.5
Description
A remote file inclusion issue in the register.php file allows remote attackers to execute arbitrary code via the action parameter. This issue was reported by a researcher, but its validity cannot be confirmed due to the vendor no longer distributing the product.
Recommendations
For Andys Chat version 4.5, consider disabling the action parameter in the register.php file as a temporary workaround until a more permanent solution can be found. Restrict access to the register.php file to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Andys Chat