2 matches found
CVE-2005-2624
CVE-2005-2624 affects CPAINT 1.3-SP. The vulnerability occurs when user-supplied cpaint_argument[] is fed directly into an eval statement in calculator.asp and cpaintfile.asp, allowing remote attackers to execute arbitrary ASP code. The root cause is eval-injection via unsanitized input. The publ...
CVE-2005-2624
Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaintargument parameter to 1 calculator.asp or 2 cpaintfile.asp, which is directly fed into an eval statement...