CVEs-PoC/2009/CVE-2009-0820.md at ef999830cefac409bd2be04bf317a47573d9dfe5

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-02 07:51:39 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_date parameters to check.php. NOTE: the start_date/reserve.php vector is already covered by CVE-2008-6132.

POC

Reference

http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/check.php?r1=318&r2=332
http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/check.php?r1=318&r2=332

Github

No PoCs found on GitHub currently.

913 B Raw Blame History

CVE-2009-0820

Description

POC

Reference

Github

913 B

Raw Blame History