CVE-2009-0677
CVE-2009-0677
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
cve_referencewww.exploit-db.com/exploits/8068não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://ravenphpscripts.com/postt17156.html&sid=12d1201371612260a42fa846ebce7badhttp://secunia.com/advisories/33928https://exchange.xforce.ibmcloud.com/vulnerabilities/48789https://www.exploit-db.com/exploits/8068http://www.osvdb.org/52007http://www.securityfocus.com/archive/1/500988/100/0/threadedhttp://www.securityfocus.com/bid/33787http://www.waraxe.us/advisory-72.html