VULHUB ™

MPM Guestbook is reported prone to an input validation vulnerability that may lead to remote command execution or arbitrary file content disclosure. The issue is due to a lack of sufficient sanitization performed on user-supplied 'header' URI parameter data. An attacker may leverage this issue to execute arbitrary PHP code in the context of the web server process or disclose the contents of web server readable files. It should be noted that although this vulnerability is reported to affect MPM Guestbook version 1.05, other versions might also be affected.

MPM Guestbook is reported prone to an input validation vulnerability that may lead to remote command execution or arbitrary file content disclosure. The issue is due to a lack of sufficient sanitization performed on user-supplied 'header' URI parameter data. An attacker may leverage this issue to execute arbitrary PHP code in the context of the web server process or disclose the contents of web server readable files. It should be noted that although this vulnerability is reported to affect MPM Guestbook version 1.05, other versions might also be affected.