CVE-2007-2501

Sažetak

Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call.

Reference

http://codepress.sourceforge.net/changelog.php
http://osvdb.org/36484
http://secunia.com/advisories/25124
http://sourceforge.net/project/shownotes.php?release_id=505510
http://www.securityfocus.com/bid/23788
http://www.vupen.com/english/advisories/2007/1638
https://exchange.xforce.ibmcloud.com/vulnerabilities/34055

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2017 - 01:31

Objavljeno

04-05-2007 - 01:19