Vulnerability Details CVE-2006-1032
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.163
EPSS Ranking 94.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/19028
- http://secunia.com/advisories/19058
- http://securityreason.com/securityalert/502
- http://securitytracker.com/id?1015691
- http://www.gulftech.org/?node=research&article_id=00105-02262006
- http://www.securityfocus.com/archive/1/426193
- http://www.securityfocus.com/bid/16833
- http://www.vupen.com/english/advisories/2006/0745
- http://secunia.com/advisories/19028
- http://secunia.com/advisories/19058
- http://securityreason.com/securityalert/502
- http://securitytracker.com/id?1015691
- http://www.gulftech.org/?node=research&article_id=00105-02262006
- http://www.securityfocus.com/archive/1/426193
- http://www.securityfocus.com/bid/16833
- http://www.vupen.com/english/advisories/2006/0745