CVE-2006-5307

Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the Htmls parameter in (1) add.php, (2) admin.php, (3) look.php, or (4) re.php.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-17 11:07:00.000-04
Last Modified2017-10-18 09:29:33.000-04

Vulnerable Software List

VendorProductVersions
Afgb Afgb Guestbook 2.2

References

SourceLink
BID20503
VUPENADV-2006-4047
XFafgbguestbook-htmls-file-include(29511)
EXPLOIT-DB2529