CVE Vulnerabilities

CVE-2007-2141

Published: Apr 19, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.

Affected Software

Name Vendor Start Version End Version
Shoutpro Shoutpro * 1.5.2

References