CVE-2005-1921 (retired)

Priority
Description
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC
or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and
earlier, as used in products such as (1) WordPress, (2) Serendipity, (3)
Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8)
Ampache, and others, allows remote attackers to execute arbitrary PHP code
via an XML file, which is not properly sanitized before being used in an
eval statement.
Package
Upstream:needs-triage
Package
Source: php4 (LP Ubuntu Debian)
Upstream:needs-triage
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:34:55 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)