Vulnerabilities > CVE-2005-0887 - Unspecified vulnerability in Michael Dean Double Choco Latte
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN michael-dean
exploit available
Summary
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in (1) functions.inc.php or (2) main.php, which causes code to be injected into an eval statement.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | Double Choco Latte 0.9.3/0.9.4 main.php Arbitrary PHP Code Execution. CVE-2005-0887 . Webapps exploit for php platform |
| id | EDB-ID:25271 |
| last seen | 2016-02-03 |
| modified | 2005-03-24 |
| published | 2005-03-24 |
| reporter | James Bercegay |
| source | https://www.exploit-db.com/download/25271/ |
| title | Double Choco Latte 0.9.3/0.9.4 main.php Arbitrary PHP Code Execution |
References
- http://secunia.com/advisories/14688
- http://secunia.com/advisories/14688
- http://securitytracker.com/id?1013559
- http://securitytracker.com/id?1013559
- http://sourceforge.net/project/shownotes.php?release_id=315144
- http://sourceforge.net/project/shownotes.php?release_id=315144
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19806