The create_anchors function in utils.inc in WebSVN 1.x allows remote malicious users to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
tigris websvn 1.37 |
||
tigris websvn 1.34 |
||
tigris websvn 1.03 |
||
tigris websvn 1.02 |
||
tigris websvn 1.60 |
||
tigris websvn 1.61 |
||
tigris websvn 1.33 |
||
tigris websvn 1.32 |
||
tigris websvn 1.01 |
||
tigris websvn 1.00 |
||
tigris websvn 1.62 |
||
tigris websvn 1.51 |
||
tigris websvn 1.31a |
||
tigris websvn 1.20 |
||
tigris websvn 1.40 |
||
tigris websvn 1.39 |
||
tigris websvn 1.38 |
||
tigris websvn 1.10 |
||
tigris websvn 1.04 |
Vulmon