CVE-2007-2093

2007-04-1810:00:00

mitre

www.cve.org

7.3 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.1%

JSON

Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.

References

secunia.com/advisories/24904

securityreason.com/securityalert/2590

www.securityfocus.com/archive/1/465864/100/0/threaded

www.securityfocus.com/bid/23503

www.vupen.com/english/advisories/2007/1393

exchange.xforce.ibmcloud.com/vulnerabilities/33666

www.exploit-db.com/exploits/3735