CVE-2008-2018 Information
Feb 14, 2021
cve
Description
The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by ’’ and ’’ characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, as demonstrated by a \user.password\ comment in the profile of the admin user.
Reference
http://www.securityfocus.com/bid/28954
https://exchange.xforce.ibmcloud.com/vulnerabilities/42143
https://www.exploit-db.com/exploits/5506