Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2005-2498

Опубликовано: 15 авг. 2005
Источник: debian

Описание

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
drupalfixed4.5.5-1package
phpgroupwarefixed0.9.16.008-1package
egroupwarefixed1.0.0.009.dfsg-1package
phpwikiunfixedpackage
php4fixed4:4.3.10-16package
php5fixed5.0.5-1package

Примечания

  • phpwiki has disabled the XMLRPC in the last upload, it orphaned as well, should be fixed anyway

Связанные уязвимости

ubuntu логотип

CVE-2005-2498

ubuntu
около 20 лет назад

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.

redhat логотип

CVE-2005-2498

redhat
около 20 лет назад

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.

nvd логотип

CVE-2005-2498

nvd
около 20 лет назад

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.

github логотип

GHSA-mcp5-3g3r-5wm5

github
больше 3 лет назад

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.