CVE-2007-1136

2007-03-02T21:18:00
ID CVE-2007-1136
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:51:00

Description

index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via shell metacharacters in an exec function call. NOTE: some sources have referred to this as eval injection in the param parameter, but CVE source inspection suggests that this is erroneous.