Design/Logic Flaw

2006-03-0711:02:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.151 Low

EPSS

Percentile

95.9%

JSON

Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.

CPENameOperatorVersion
phprpceq0.8
phprpceq0.9
phprpceq0.7

Name	Operator	Version
phprpc	eq	0.8
phprpc	eq	0.9
phprpc	eq	0.7

References

secunia.com/advisories/19028

secunia.com/advisories/19058

securityreason.com/securityalert/502

securitytracker.com/id?1015691

www.gulftech.org/?node=research&article_id=00105-02262006

www.securityfocus.com/archive/1/426193

www.securityfocus.com/bid/16833

www.vupen.com/english/advisories/2006/0745