CVE-2008-2228

Name of the Vulnerable Software and Affected Versions: Cyberfolio version 7.12

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter in the portfolio/commentaires/derniers commentaires.php file when register globals is enabled.

Recommendations: For Cyberfolio version 7.12, consider disabling the register globals setting to prevent exploitation. As a temporary workaround, restrict access to the portfolio/commentaires/derniers commentaires.php file until a patch is available. Avoid using the rep parameter in the affected file until the issue is resolved.