NVD

Id
6665  
Name
CVE-2008-6934  
Description
Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2009-08-11  
Modified Date
2009-08-12  
Seq
2008-6934  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
38281 6665 CVE-2008-6934 7079  View
38282 6665 CVE-2008-6934 http://www.sanusart.com/news.php  View
38283 6665 CVE-2008-6934 32240  View
38284 6665 CVE-2008-6934 ADV-2008-3095  View
38285 6665 CVE-2008-6934 spgs-act-code-execution(46526)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44635 JVNDB-2009-005642 Sanus|artificium Free simple guestbook PHP における messages.txt へ任意の PHP コードを挿入される脆弱性 Sanus|artificium Free simple guestbook PHP は、2008 年 11 月 11 日より前にダウンロードされている際、静的コードを挿入されることにより、messages.txt へ任意の PHP コードを挿入される脆弱性が存在します。 CVE-2008-6934 37047 CVE-2008-6934 6665 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005642.html 2009-08-11 2012-12-20 View