CVE-2006-0075
published 2006-01-04CVE-2006-0075: Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
EXPLOIT
Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnu | phpbook | <= 1.3.2 | — |
| gnu | phpbook | — | — |
| gnu | phpbook | — | — |
| gnu | phpbook | — | — |
| gnu | phpbook | — | — |