CVE-2014-4672

The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:yiiframework:yiiframework:1.1.14:*:*:*:*:*:*:*

Information

Published : 2014-07-03 10:55

Updated : 2014-07-23 22:01


NVD link : CVE-2014-4672

Mitre link : CVE-2014-4672


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

yiiframework

  • yiiframework