Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/views/search/tmpl/ and (2) templates/beez/html/com_search/search/.
References
Configurations
Information
Published : 2007-08-07 18:17
Updated : 2018-10-15 14:33
NVD link : CVE-2007-4187
Mitre link : CVE-2007-4187
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
joomla
- joomla