Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
XML-RPC/PHP-XMLRPC 代码注入漏洞
Vulnerability Description
PEAR XML_RPC及PHPXMLRPC是在较多网站应用系统中使用的功能模块。 PEAR XML_RPC 1.3.0及之前版本(也称为XML-RPC或xmlrpc)以及PHPXMLRPC (也称为XML-RPC For PHP或php-xmlrpc) 1.1及之前版本中存在代码注入漏洞。 由于在使用文件前没有进行适当的检验处理,远程攻击者可通过XML文件,利用此漏洞执行任意PHP代码。 多个使用这些模块的产品,包括WordPress, Serendipity,Drupal,egroupware, Ma
CVSS Information
N/A
Vulnerability Type
N/A