Arbitrary Code Execution Vulnerability in FuelPHP's Request_Curl Auto-Format Feature
CVE-2014-1999 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.
Learn more about our Web Application Penetration Testing UK.