Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-06-10T00:00:00
Updated: 2024-08-07T09:05:30.277Z
Reserved: 2008-06-09T00:00:00
Link: CVE-2008-2638
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-06-10T00:32:00.000
Modified: 2017-09-29T01:31:14.600
Link: CVE-2008-2638
Redhat
No data.