CVE ID:

CVE-2019-7719

Details:

Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.

References:

:https://github.com/dignajar/nibbleblog/issues/138

ZeroDayLab Assigned Tags:

INJECTION ATTACK