Vulnerabilities > CVE-2007-1998 - Unspecified vulnerability in Hiox India Guest Book 4.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN hiox-india
exploit available
Summary
Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | HIOX GUEST BOOK (HGB) 4.0 Remote Code Execution Vulnerability. CVE-2007-1998. Webapps exploit for php platform |
| file | exploits/php/webapps/3697.txt |
| id | EDB-ID:3697 |
| last seen | 2016-01-31 |
| modified | 2007-04-10 |
| platform | php |
| port | |
| published | 2007-04-10 |
| reporter | Dj7xpl |
| source | https://www.exploit-db.com/download/3697/ |
| title | HIOX GUEST BOOK HGB 4.0 - Remote Code Execution Vulnerability |
| type | webapps |
References
- http://secunia.com/advisories/24835
- http://secunia.com/advisories/24835
- http://www.vupen.com/english/advisories/2007/1333
- http://www.vupen.com/english/advisories/2007/1333
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33540
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33540
- https://www.exploit-db.com/exploits/3697
- https://www.exploit-db.com/exploits/3697