Description
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.
Affected products
- brickhost / phpscheduleit 1.2.10
- brickhost / phpscheduleit 1.0 – 1.0
- brickhost / phpscheduleit 1.0.0rc1 – 1.0.0rc1
- brickhost / phpscheduleit 1.0_rc1 – 1.0_rc1
- brickhost / phpscheduleit 1.2.0 – 1.2.0
- brickhost / phpscheduleit 1.2.1 – 1.2.1
- brickhost / phpscheduleit 1.2.2 – 1.2.2
- brickhost / phpscheduleit 1.2.3 – 1.2.3
- brickhost / phpscheduleit 1.2.4 – 1.2.4
- brickhost / phpscheduleit 1.2.5 – 1.2.5
- brickhost / phpscheduleit 1.2.6 – 1.2.6
- brickhost / phpscheduleit 1.2.7 – 1.2.7
- brickhost / phpscheduleit 1.2.8 – 1.2.8
- brickhost / phpscheduleit 1.2.9 – 1.2.9
References
- MISC: http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/reserve.php?r1=318&r2=328
- EXPLOIT: http://www.exploit-db.com/exploits/18037
- MISC: http://www.osvdb.org/48797
- MISC: https://exchange.xforce.ibmcloud.com/vulnerabilities/45617
- EXPLOIT: http://www.exploit-db.com/exploits/6646
- VENDOR_ADVISORY: http://secunia.com/advisories/32073
- MISC: http://sourceforge.net/project/shownotes.php?release_id=662749
- MISC: http://www.securityfocus.com/bid/31520