CVE-2005-4424
CVE-2005-4424 affects PHP-Kit up to version 1.6.1 R2. The vulnerability is a directory-traversal flaw in the path parameter that, combined with a %00 (null byte) at the end of a filename (e.g., avatar.png%00), enables remote authenticated users to execute arbitrary PHP code. Documented impact ind...