Code injection

2007-04-1910:19:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.133 Low

EPSS

Percentile

95.6%

JSON

Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.

CPENameOperatorVersion
shoutprole1.5.2

CPE	Name	Operator	Version
	shoutpro	le	1.5.2

References

osvdb.org/34999

secunia.com/advisories/24939

securityreason.com/securityalert/2593

www.securityfocus.com/archive/1/466037/100/0/threaded

www.securityfocus.com/bid/23542

www.vupen.com/english/advisories/2007/1432

exchange.xforce.ibmcloud.com/vulnerabilities/33727

www.exploit-db.com/exploits/3758