2514 matches found
Design/Logic Flaw
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-7720
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-7719
Nibbleblog 4.0.5 is affected by CVE-2019-7719 via an eval injection flaw. The vulnerability occurs when PHP code is placed in the install.php username parameter and a subsequent request to content/private/shadow.php is made, enabling arbitrary PHP evaluation on the server. The NVD entry lists a h...
CVE-2019-7720
The CVE-2019-7720 entry applies to TaoCMS, describing an eval-injection flaw in which PHP code can be placed in the install.php db_name parameter and then triggered via a config.php request. Red Hat and other sources corroborate the same issue, indicating the root cause is eval injection leading ...
TaoCMS code injection vulnerability
TaoCMS is a php sqlite/mysql based ultra-small CMS management system. TaoCMS is vulnerable to code injection, which can be exploited by placing PHP code in the install.php dbname parameter and then issuing a config.php request to perform eval injection...
Remote Code Execution (RCE)
luci is vulnerable to remote code execution RCE attacks. The vulnerability exists through an eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration...
DEBIAN-CVE-2019-6290
An infinite recursion issue was discovered in eval.c in Netwide Assembler NASM through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '' characters. Remote attackers could leverage...
UBUNTU-CVE-2019-6290
An infinite recursion issue was discovered in eval.c in Netwide Assembler NASM through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '' characters. Remote attackers could leverage...
Sandbox Breakout / Arbitrary Code Execution
Overview Versions of static-evalprior to 2.0.2 pass untrusted user input directly to the global function constructor, resulting in an arbitrary code execution vulnerability when user input is parsed via the package. Proof of concept var evaluate = require'static-eval'; var parse =...
UBUNTU-CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...
UBUNTU-CVE-2018-19837
In LibSass prior to 3.5.5, Sass::Eval::operatorSass::BinaryExpression inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp...
LibSass Denial of Service Vulnerability (CNVD-2019-06788)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Eval::operator' function of the eval.cpp file in LibSass versions prior to 3.5.5, which stems from the program failing to properly parse the '%' character. The...
Code injection
PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current=pboot:ifevAl$GETa1/pboot:if&a=phpinfo; URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel...
CVE-2018-19595
PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current=pboot:ifevAl$GETa1/pboot:if&a=phpinfo; URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel...
PT-2018-3063 · D Link · D-Link Central Wifi Manager Cwm
Name of the Vulnerable Software and Affected Versions: D-Link Central WiFi Manager CWM100 versions prior to v1.03R0100 BETA6 Description: The issue is related to a flaw in the authentication procedure of the D-Link Central WiFi Manager CWM100. This flaw allows remote attackers to execute arbitrar...
Unspecified Vulnerability in LibSass (CNVD-2019-40138)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Eval::operator' function in LibSass version 3.5-stable. An attacker can exploit this vulnerability to cause a denial of service...
UBUNTU-CVE-2018-19219
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack...
CVE-2018-18319
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed on...
PT-2018-14403 · Asuswrt Merlin · Merlin.Php
Name of the Vulnerable Software and Affected Versions: Merlin.PHP version 0.6.6 Description: An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands. This is due to an eval call in api.php, as demonstrated by the...