CVE-2008-2638
1-script 1-book < 1.0.1 - Remote Code Execution via Guestbook Message Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-2638. PoCs published by JIKO.
AI-analyzed exploit summary: This exploit leverages a PHP deserialization vulnerability in 1Book Guestbook Script to achieve remote code execution by injecting malicious serialized data into the guestbook entries, allowing an attacker to include arbitrary PHP files via a crafted request.
Description
Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.