CVE-2006-6856
WebText CMS ≤ 0.4.5.2 is affected by a Direct static code injection vulnerability. An attacker can remotely inject arbitrary PHP code into a script located under wt/users/ by supplying a crafted im parameter during a profile edit (edycja) operation, and the injected code is then executed through ...