5 matches found
PT-2025-9811
Name of the Vulnerable Software and Affected Versions VEDA - MultiPurpose WordPress Theme versions up to, and including, 4.2 Description The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input in the veda backup and...
Design/Logic Flaw
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
CVE-2014-7288
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
Sql injection
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...
CVE-2007-5453
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...