|
|
CVE Reference: CVE-2008-4645 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-4645 |
|
|
Description: plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/45875 SREASON http://securityreason.com/securityalert/4456 MILW0RM http://www.milw0rm.com/exploits/6755 BID 31762 |
|
| Return to the previous page. |
