mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
739 B
739 B
CVE-2006-7173
Description
Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and earlier allows remote attackers to execute arbitrary PHP code via a crafted option_new[report_w_day] parameter in a preferenze action, which can be later accessed via option/php-stats-options.php.
POC
Reference
Github
No PoCs found on GitHub currently.