Eval injection vulnerability in the template engine for SysCP 1.2.10 and earlier allows remote attackers to execute arbitrary PHP code via a string containing the code within "{" and "}" (curly bracket) characters, which are processed by the PHP eval function.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=112352095923614&w=2 | |
http://www.hardened-php.net/advisory_132005.64.html | Vendor Advisory |
http://www.syscp.de/forum/viewtopic.php?t=1772 | Patch |
Configurations
History
No history.
Information
Published : 2005-08-16 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-2568
Mitre link : CVE-2005-2568
CVE.ORG link : CVE-2005-2568
JSON object : View
Products Affected
syscp_team
- syscp
CWE