Vulnerabilities > Phpgraphy > Phpgraphy > 0.9.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-04 | CVE-2006-6966 | Remote Security vulnerability in Phpgraphy phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. | 7.5 |