RoSPORA 1.5.0 - Remote PHP Code Injection

RoSPORA 1.5.0 - Remote PHP Code Injection '; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.' '.$sorttype.' $b'.$sort.' return -1; return 1;'; 676. Input parameter...

PHP 5.2.6 - 'create_function()' Code Injection (1)

source: https://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'createfunction'. Note that the anonymous function returned need not be called for the supplied code to be executed. An attacker who can exploit this...