Eval injection vulnerability in the template engine for SysCP 1.2.10 and previous versions allows remote malicious users to execute arbitrary PHP code via a string containing the code within "{" and "}" (curly bracket) characters, which are processed by the PHP eval function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
syscp team syscp 1.2.10 |