CVE-2013-1349

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:os4ed:opensis:4.5:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:4.6:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:4.7:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:4.8:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:4.8.1:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:4.9:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:5.0:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:5.1:*:*:*:*:*:*:*
cpe:2.3:a:os4ed:opensis:5.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-12-09 16:36

Updated : 2024-02-04 18:16


NVD link : CVE-2013-1349

Mitre link : CVE-2013-1349

CVE.ORG link : CVE-2013-1349


JSON object : View

Products Affected

os4ed

  • opensis
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')