Lucene search
K

4 matches found

NVD
NVD
added 2009/02/11 12:30 a.m.13 views

CVE-2009-0517

Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tzenv.class. NOTE: some of these details are obtained...

10CVSS7.8AI score0.45267EPSS
Exploits2References6
canvas
canvas
added 2009/02/11 12:30 a.m.34 views

Immunity Canvas: PHPSLASH_RCE

Name| phpslashrce ---|--- CVE| CVE-2009-0517 Exploit Pack| CANVAS Description| PHPSlash = 0.8.1.1 Remote Code Execution Notes| CVE Name: CVE-2009-0517 VENDOR: http://sourceforge.net/projects/phpslash/ Repeatability: Infinite CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0517...

10CVSS1AI score0.45267EPSS
Exploits2
CVE
CVE
added 2009/02/11 12:0 a.m.48 views

CVE-2009-0517

CVE-2009-0517 affects phpSlash 0.8.1.1 and earlier. The flaw is an eval()-based injection where unvalidated input in the fields parameter is passed to eval() inside tz_env.class, enabling remote PHP code execution with the web server’s privileges. Impact is described as complete impacts to confid...

10CVSS8.1AI score0.45267EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2009/02/11 12:0 a.m.15 views

CVE-2009-0517

Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tzenv.class. NOTE: some of these details are obtained...

7.8AI score0.45267EPSS
Exploits2References6
Rows per page
Query Builder