42 matches found
pear-XML_RPC -- arbitrary remote code execution
GulfTech Security Research Team reports: PEAR XMLRPC is vulnerable to a very high risk php code injection vulnerability due to unsanatized data being passed into an eval call...
WordPress <= 1.3.0 - Eval Injection
Because of this vulnerability in PEAR XMLRPC, attackers can execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement. Solution Update the WordPress to the latest available version at least 1.4...