CVE-2006-1563

2006-03-31T11:06:00
ID CVE-2006-1563
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:33:00

Description

Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts. Successful exploitation requires that "magic_quotes_gpc" is set to off.