Vulnerabilities > Eyeos Project > Eyeos > 0.8.2.r2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-10 | CVE-2006-0636 | Remote Command Execution vulnerability in EyeOS Session desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calling the session_start function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using PHP code in the _SESSION[apps][eyeOptions.eyeapp][wrapup] variable. | 7.5 |