Security Advisory

CVE-2008-4645

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-10-21 22:00:00

Last updated 2024-08-07 10:24:20

Assigner mitre

State PUBLISHED

Description

plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.

← Browse all CVEs View on cve.org ↗