CVE-2008-6119

Name of the Vulnerable Software and Affected Versions Goople CMS version 1.7

Description A static code injection issue exists, allowing remote attackers to inject arbitrary PHP code into admin/userandpass.php via the username and password parameters in the gooplecms/admin/account/action/editpass.php file.

Recommendations For Goople CMS version 1.7, avoid using the username and password parameters in the affected file until a fix is available. As a temporary workaround, consider restricting access to the gooplecms/admin/account/action/editpass.php file to minimize the risk of exploitation.