Security Advisory

CVE-2006-5509

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-10-25 22:00:00

Last updated 2024-08-07 19:55:52

Assigner mitre

State PUBLISHED

Description

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

← Browse all CVEs View on cve.org ↗