Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via the start_date parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
brickhost phpscheduleit 1.0_rc1 |
||
brickhost phpscheduleit 1.2.0 |
||
brickhost phpscheduleit 1.2.5 |
||
brickhost phpscheduleit 1.2.6 |
||
brickhost phpscheduleit 1.2.1 |
||
brickhost phpscheduleit 1.2.2 |
||
brickhost phpscheduleit 1.2.9 |
||
brickhost phpscheduleit 1.0.0rc1 |
||
brickhost phpscheduleit 1.0 |
||
brickhost phpscheduleit 1.2.3 |
||
brickhost phpscheduleit 1.2.4 |
||
brickhost phpscheduleit |
||
brickhost phpscheduleit 1.2.7 |
||
brickhost phpscheduleit 1.2.8 |