Static Code Injection Vulnerability in phpBook by eBook
CVE-2006-0075

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
4 January 2006

Summary

A static code injection vulnerability exists in phpBook versions 1.3.2 and earlier, allowing remote attackers to execute arbitrary PHP code. This is achieved by exploiting the e-mail field in new messages, which improperly writes to a PHP file, potentially leading to unauthorized access and manipulation of server resources.

References

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.