CVE-2007-2196

Name of the Vulnerable Software and Affected Versions Jambook (com Jambook) version 1.0 beta7

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute path parameter. However, it has been disputed by a reliable third party because the jambook.php protects against direct requests.

Recommendations For Jambook (com Jambook) version 1.0 beta7, consider restricting access to the mosConfig absolute path parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.