Remote Code Execution via Eval Injection in openSIS 4.5 through 5.2

Remote Code Execution via Eval Injection in openSIS 4.5 through 5.2

CVE-2013-1349 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.

Learn more about our Web Application Penetration Testing UK.