CVE-2006-4962

2006-09-23T10:07:00
ID CVE-2006-4962
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.