Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter.
References
Configurations
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/43760 - | |
References | () http://secunia.com/advisories/27503 - | |
References | () http://secunia.com/advisories/28008 - | |
References | () http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup - | |
References | () http://www.debian.org/security/2007/dsa-1423 - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml - | |
References | () http://www.securityfocus.com/archive/1/482499/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/26126 - | |
References | () http://www.vupen.com/english/advisories/2007/3768 - | |
References | () https://bugs.gentoo.org/attachment.cgi?id=133465&action=view - | |
References | () https://bugs.gentoo.org/show_bug.cgi?id=195810 - |
Information
Published : 2007-10-17 19:17
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5492
Mitre link : CVE-2007-5492
CVE.ORG link : CVE-2007-5492
JSON object : View
Products Affected
sitebar
- sitebar
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')