CVE-2006-1201
CVE-2006-1201 affects eschew.net phpBannerExchange 2.0 and earlier (and other versions before 2.0 Update 5). The root cause is a template class that fails to sanitize user input used in PHP include(), enabling local file inclusion via an email parameter in recoverpw.php and resulting in a directo...