CVE-2006-4962

Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a … (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.