Описание
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:woltlab:burning_book:1.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.0101
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.
EPSS
Процентиль: 77%
0.0101
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other