Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHPXMLRPC和PEAR 代码注入漏洞
Vulnerability Description
PHPXMLRPC和PEAR XML_RPC都是XML-RPC协议的PHP实现。 PHPXMLRPC和PEAR XML_RPC中存在远程PHP代码注入漏洞,攻击者可以利用这个漏洞导致执行任意代码。起因是如果解析文档中嵌套了某些XML标签的话,就无法正确的处理这种情况。
CVSS Information
N/A
Vulnerability Type
N/A