e-Vision CMS style.php template Variable SQL Injection

2007-06-08T00:00:00
ID OSVDB:36607
Type osvdb
Reporter OSVDB
Modified 2007-06-08T00:00:00

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Secunia Advisory ID:25605 Other Advisory URL: http://milw0rm.com/exploits/4054 ISS X-Force ID: 34793 FrSIRT Advisory: ADV-2007-2123 CVE-2007-3214 Bugtraq ID: 24398