CVE-2007-1553

Guestbara <1.2 - RCE

Title source: llm

Description

admin/configuration.php in Guestbara 1.2 and earlier allows remote attackers to modify the e-mail, name, and password of the admin account by setting the zapis parameter to "ok" and providing modified admin_mail, login, and pass parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · htmlwebappsphp

https://www.exploit-db.com/exploits/3506

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] http://osvdb.org/34519

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3506

Scores

EPSS 0.0206

EPSS Percentile 84.0%

Details

Status published

Products (1)

guestbara/guestbara < 1.2

Published Mar 20, 2007

Tracked Since Feb 18, 2026