CVE-2008-2018


The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by ‘’ and ‘’ characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, as demonstrated by a \user.password\ comment in the profile of the admin user.
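
The pattern behind this class of bug, shown beside a hardened form. This is an added example, not PHPizabi's code: the `{`/`}` delimiters, the `%COMMENT%` placeholder, the function names and the sample data are all assumptions made for illustration.

```php
<?php
// Assumed macro delimiters for this sketch; not taken from the advisory text.
const OPEN = '{';
const CLOSE = '}';

// Expand user.<field> macros in $text from the $user record.
// When $allowed is given, only those fields are expanded.
function expandMacros(string $text, array $user, ?array $allowed = null): string
{
    $pattern = '/' . preg_quote(OPEN, '/') . 'user\.([a-z_]+)' . preg_quote(CLOSE, '/') . '/';
    return preg_replace_callback($pattern, function (array $m) use ($user, $allowed): string {
        $field = $m[1];
        if ($allowed !== null && !in_array($field, $allowed, true)) {
            return $m[0]; // not on the allow-list: leave the macro text untouched
        }
        return array_key_exists($field, $user)
            ? htmlspecialchars((string) $user[$field], ENT_QUOTES)
            : $m[0];
    }, $text);
}

// Unsafe: the visitor's comment is merged into the page first, then the
// whole page is expanded, so macros typed into the comment are expanded too.
function renderUnsafe(string $template, array $user, string $comment): string
{
    $page = str_replace('%COMMENT%', $comment, $template);
    return expandMacros($page, $user);
}

// Hardened: expand only the trusted template, restrict it to an allow-list
// of public fields, and insert the escaped comment after expansion.
function renderSafe(string $template, array $user, string $comment): string
{
    $page = expandMacros($template, $user, ['username']);
    return str_replace('%COMMENT%', htmlspecialchars($comment, ENT_QUOTES), $page);
}

// Constructed sample data.
$admin    = ['username' => 'admin', 'password' => 'CONSTRUCTED-PASSWORD-HASH'];
$template = '<h1>' . OPEN . 'user.username' . CLOSE . '</h1><p>%COMMENT%</p>';
$comment  = 'Nice profile ' . OPEN . 'user.password' . CLOSE;

echo renderUnsafe($template, $admin, $comment), "\n"; // comment macro is expanded
echo renderSafe($template, $admin, $comment), "\n";   // comment macro stays literal text
```

The hardened version relies on two independent controls: untrusted text never passes through the expander, and the expander cannot reach sensitive fields even when called on a trusted template.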