2 matches found
CVE-2006-5185
Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the doparsecode function...
CVE-2006-5185
The CVE-2006-5185 issue affects HAMweather (versions 3.9.8.4 and earlier) where eval injection in Template.php occurs. An attacker can supply a modified query string that is passed to an eval call inside do_parse_code, allowing remote code execution. Impact is arbitrary code execution on the web ...