exploitDog

GHSA-q7g7-9g33-6v6c

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

Ссылки

EPSS

Процентиль: 77%

0.0101

Низкий

CVE ID

Связанные уязвимости

CVE-2006-5509

nvd

больше 19 лет назад

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

EPSS

Процентиль: 77%

0.0101

Низкий

CVE ID