Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.
CPE | Name | Operator | Version |
---|---|---|---|
php-collab | eq | 2.4 | |
php-collab | eq | 2.3 | |
php-collab | eq | 2.2 | |
php-collab | le | 2.5 |