CVE-2006-5837

Static code injection vulnerability in chatpanel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chatlog.php via the msg parameter...

iWare Pro 5.0.4 - 'chat_panel.php' Remote Code Execution

+------------------------------------------------------------------------------------------- + iWare Pro +------------------------------------------------------------------------------------------- + Details: + iWare admin/mods/simplechat1.0.0/chatpanel.php does not sanatize the $message variable...