CVE-2009-0673
N/A
N/A
Summary
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/33787
- http://ravenphpscripts.com/postt17156.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48790
- http://www.securityfocus.com/archive/1/500988/100/0/threaded
- https://www.exploit-db.com/exploits/8068
- http://www.waraxe.us/advisory-72.html
References
- http://www.securityfocus.com/bid/33787
- http://ravenphpscripts.com/postt17156.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48790
- http://www.securityfocus.com/archive/1/500988/100/0/threaded
- https://www.exploit-db.com/exploits/8068
- http://www.waraxe.us/advisory-72.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.