794 matches found
PYSEC-2019-102
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
UBUNTU-CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
PYSEC-2019-32
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2019-19010
CVE-2019-19010 affects Limnoria (Limnoria/Math plugin) and Supybot, where eval injection in the Math plugin allows remote unauthenticated attackers to disclose information and potentially other impact via the calc and icalc commands. Affected versions include Limnoria before 2019.11.09 and Supybo...
CVE-2019-19010
Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...
CVE-2008-5906
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts...
CVE-2018-20988
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation...
Code injection
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation...
CVE-2018-20988
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation...
CVE-2018-20988
CVE-2018-20988 affects the WordPress Google Forms (wpgform) plugin prior to 0.94. The issue is an eval injection in the CAPTCHA calculation, as described across multiple sources (NVD, Red Hat, CNVD, CVE list, etc.). The connected documents do not provide explicit exploitation details, affected pr...
CVE-2019-14746
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-14746
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
Design/Logic Flaw
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-14746
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-14746
CVE-2019-14746 affects KuaiFanCMS 5.0. The issue is an eval injection vulnerability: an attacker can place PHP code in the install.php db_name parameter and trigger it via a subsequent config.php request, enabling code execution as described. The connected documents confirm this vector and impact...
CVE-2019-11552
Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user...
CVE-2019-11552
Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user...
Code injection
Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user...
CVE-2019-11552
Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user...