PT-2005-3094 · Myguestbook · Myguestbook

Soulblack

Published

2005-07-06

Updated

2016-10-18

CVE-2005-2162

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: MyGuestbook version 0.6.1

Description: The issue allows remote attackers to execute arbitrary PHP code via the lang parameter in the form.inc.php3 file.

Recommendations: For MyGuestbook version 0.6.1, avoid using the lang parameter in the affected form.inc.php3 file until the issue is resolved. Restrict access to the form.inc.php3 file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2162

Affected Products

Myguestbook

PT-2005-3094 · Myguestbook · Myguestbook

CVE-2005-2162

Related Identifiers

Affected Products

References · 6