Design/Logic Flaw

2007-05-0401:19:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

0.121 Low

EPSS

Percentile

95.4%

JSON

Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call.

CPENameOperatorVersion
codepressle0.9.3

CPE	Name	Operator	Version
	codepress	le	0.9.3

References

codepress.sourceforge.net/changelog.php

osvdb.org/36484

secunia.com/advisories/25124

sourceforge.net/project/shownotes.php?release_id=505510

www.securityfocus.com/bid/23788

www.vupen.com/english/advisories/2007/1638

exchange.xforce.ibmcloud.com/vulnerabilities/34055