CVE-2008-6066

Name of the Vulnerable Software and Affected Versions Meet#Web version 0.8

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the root path parameter to several PHP files, including "modules.php", "ManagerResource.class.php", "ManagerRightsResource.class.php", "RegForm.class.php", "RegResource.class.php", and "RegRightsResource.class.php" in the "classes/" directory.

Recommendations For Meet#Web version 0.8, consider restricting access to the vulnerable PHP files until a patch is available. As a temporary workaround, avoid using the root path parameter in the affected API endpoints. Restrict access to the "classes/" directory to minimize the risk of exploitation.