Code injection

2007-04-1810:19:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.

CPENameOperatorVersion
limesoft_guestbookeq1.0

CPE	Name	Operator	Version
	limesoft_guestbook	eq	1.0

References

secunia.com/advisories/24904

securityreason.com/securityalert/2590

www.securityfocus.com/archive/1/465864/100/0/threaded

www.securityfocus.com/bid/23503

www.vupen.com/english/advisories/2007/1393

exchange.xforce.ibmcloud.com/vulnerabilities/33666

www.exploit-db.com/exploits/3735