CVE-2008-6773 Information

Feb 14, 2021 cve

Description

Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url (2) fav1_name (3) fav2_url (4) fav2_name (5) fav3_url (6) fav3_name (7) fav4_url (8) fav4_name (9) fav5_url or (10) fav5_name parameters.

Reference

http://secunia.com/advisories/33272 http://www.securityfocus.com/bid/32971 https://exchange.xforce.ibmcloud.com/vulnerabilities/47562 https://www.exploit-db.com/exploits/7545 Static code injection vulnerability in user/internettoolbar/edit.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary PHP code into user/internettoolbar/index.php via the (1) fav1_url (2) fav1_name (3) fav2_url (4) fav2_name (5) fav3_url (6) fav3_name (7) fav4_url (8) fav4_name (9) fav5_url or (10) fav5_name parameters.

Share on: