VYPR
Unrated severityNVD Advisory· Published Dec 23, 2008· Updated Jun 16, 2026

CVE-2008-4305

CVE-2008-4305

Description

Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:php-collab:php-collab:2.2:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:php-collab:php-collab:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php-collab:php-collab:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php-collab:php-collab:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:php-collab:php-collab:*:rc3:*:*:*:*:*:*range: <=2.5
    • (no CPE)range: <=2.5 rc3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.