Vulnerability Details : CVE-2006-4530
Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php.
Exploit prediction scoring system (EPSS) score for CVE-2006-4530
2.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less