793 matches found
Design/Logic Flaw
Eval injection vulnerability in config.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated administrators to execute arbitrary PHP code via the applicationname parameter in a save action...
CVE-2011-3832
SiT! (Support Incident Tracker) 3.65 is affected by an eval/code-injection vulnerability in config.php. The issue allows remote authenticated administrators to execute arbitrary PHP code via the application_name parameter during a save action, due to the use of an eval-like construct in evaluatin...
Mandriva Update for perl MDVSA-2012:009 (perl)
Check for the Version of perl OpenVAS Vulnerability Test Mandriva Update for perl MDVSA-2012:009 perl Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
perl security vulnerabilities
It's possible to inject eval expression into digest module constructor. Off-by-one overflow in decodexs...
Mandriva Update for perl MDVSA-2012:008 (perl)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-3597
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
DEBIAN-CVE-2011-3597
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
Sql injection
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
CVE-2011-3597
CVE-2011-3597 is an eval-injection vulnerability in the Perl Digest module (before 1.17). The vulnerability allows context-dependent attackers to execute arbitrary commands via the module’s new constructor. Affected component: Digest module for Perl; root cause described as improper handling/unsa...
CVE-2011-3597
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
CVE-2011-3597
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
Perl Digest improper control of generation of code
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
Perl Digest improper control of generation of code
Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...
CVE-2011-1760
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...
Design/Logic Flaw
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...
CVE-2011-1760
CVE-2011-1760 affects utils/opcontrol in OProfile 0.9.6 and earlier. The root cause is an eval injection possibility via shell metacharacters in the -e argument, enabling local users to gain privileges. Reports in connected documents confirm impact on affected distributions (e.g., EulerOS advisor...
CVE-2011-1760
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...
CVE-2010-3719
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method...
Sql injection
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method...
CVE-2010-3719
Summary: CVE-2010-3719 affects Symantec IM Manager. The vulnerability resides in the admin interface’s ScheduleTask function (IMAdminSchedTask.asp) and involves improper sanitization of POST input passed to an eval() call. Affected product is Symantec IM Manager up to version 8.4.16; exploitation...