CVE-2006-1200
CVE-2006-1200 describes a direct static code injection in the add_link.txt component of the daverave Link Bank, where the url_name parameter is stored in links.txt without sanitization and later used in an include statement. This enables remote attackers to execute arbitrary PHP code and potentia...