NuytsTech Security

CVE-2008-6132

by ·

Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.

Date published : 2009-02-13

http://www.securityfocus.com/bid/31520

http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/reserve.php?r1=318&r2=328

Tags: