Unrated severityNVD Advisory· Published Jun 10, 2008· Updated Jun 16, 2026
CVE-2008-2638
CVE-2008-2638
Description
Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.