CVE-2006-5509
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.
Affected products
n/a · n/a
Public PoCs found: 1
exploitdb: www.exploit-db.com/exploits/2579 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/22442
http://securityreason.com/securityalert/1774
https://exchange.xforce.ibmcloud.com/vulnerabilities/29599
http://www.securityfocus.com/archive/1/448796/100/100/threaded
http://www.securityfocus.com/bid/20563
http://www.security.nnov.ru/Odocument711.html
http://www.vupen.com/english/advisories/2006/4062