CVE-2006-5432
CVE-2006-5432 affects phpPowerCards 2.10 (db/txt.inc.php). When register_globals is enabled, multiple direct static code injection paths allow remote attackers to create or overwrite arbitrary files via parameters (email[to], email[from], name[to], name[from], picture, comment, sessionID), demons...