CVE-2014-1999
CVE-2014-1999 affects FuelPHP’s Request_Curl class (versions 1.1–1.7.1) where an auto-format feature can process crafted responses and lead to arbitrary code execution on the application server. The root cause is unsafe auto-formatting of curl responses, enabling remote code execution when untrus...