Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file.
Max CVSS
7.5
EPSS Score
58.19%
Published
2006-01-04
Updated
2018-10-19
1 vulnerabilities found