CVE-2006-4913
The CVE-2006-4913 entry describes a directory traversal in AlstraSoft E-friends 4.85 (chat/getStartOptions.php). An attacker can cause local file inclusion and potentially execute code by supplying a .. sequence and a trailing null (%00) byte in the lang parameter, demonstrated by injecting PHP i...