The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2009-01-20 18:30
Updated : 2017-09-28 18:32
NVD link : CVE-2008-5920
Mitre link : CVE-2008-5920
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
tigris
- websvn