Vulnerabilities > Phpgraphy > Phpgraphy > 0.9.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-04 | CVE-2006-6966 | Remote Security vulnerability in Phpgraphy phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. | 7.5 |