VYPR
Unrated severityNVD Advisory· Published Jul 21, 2008· Updated Jun 16, 2026

CVE-2008-3239

CVE-2008-3239

Description

Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFILE] parameter and file contents in the CONF[LOCALE_LONG_DATE_TIME] parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Phpizabi/Phpizabi3 versions
    cpe:2.3:a:phpizabi:phpizabi:0.848b:c1:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:phpizabi:phpizabi:0.848b:c1:*:*:*:*:*:*
    • cpe:2.3:a:phpizabi:phpizabi:0.848b:c1_hfp1:*:*:*:*:*:*
    • (no CPE)range: 0.848b C1 HFP1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.