2014-07-20 10:00:00
jpcert
PUBLISHED
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.