CVE-2006-5185

2006-10-10T04:06:00
ID CVE-2006-5185
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:33:00

Description

Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the do_parse_code function. This vulnerability is addressed in the following product update: HAMweather, HAMweather, 3.9.8.5