CVE-2008-6761

CVE-2008-6761 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting admin/install.php.

Learn more about our Web Application Penetration Testing UK.