Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-06-10T00:00:00

Updated: 2024-08-07T09:05:30.277Z

Reserved: 2008-06-09T00:00:00

Link: CVE-2008-2638

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-06-10T00:32:00.000

Modified: 2017-09-29T01:31:14.600

Link: CVE-2008-2638

cve-icon Redhat

No data.