CVE-2006-4962

CVE-2006-4962 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.

Learn more about our Web Application Penetration Testing UK.