Static Code Injection Vulnerability in phpBook by eBook
CVE-2006-0075
Currently unrated
Summary
A static code injection vulnerability exists in phpBook versions 1.3.2 and earlier, allowing remote attackers to execute arbitrary PHP code. This is achieved by exploiting the e-mail field in new messages, which improperly writes to a PHP file, potentially leading to unauthorized access and manipulation of server resources.
References
EPSS Score
7% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved