4 matches found
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tzenv.class. NOTE: some of these details are obtained...
Immunity Canvas: PHPSLASH_RCE
Name| phpslashrce ---|--- CVE| CVE-2009-0517 Exploit Pack| CANVAS Description| PHPSlash = 0.8.1.1 Remote Code Execution Notes| CVE Name: CVE-2009-0517 VENDOR: http://sourceforge.net/projects/phpslash/ Repeatability: Infinite CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0517...
CVE-2009-0517
CVE-2009-0517 affects phpSlash 0.8.1.1 and earlier. The flaw is an eval()-based injection where unvalidated input in the fields parameter is passed to eval() inside tz_env.class, enabling remote PHP code execution with the web server’s privileges. Impact is described as complete impacts to confid...
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tzenv.class. NOTE: some of these details are obtained...