CVE-2013-4446 in contextinformación

Resumen

por MITRE

The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors related to Ajax operations, possibly involving eval injection.

Once again VulDB remains the best source for vulnerability data.

Reservar

2013-06-12

Divulgación

2013-12-07

Moderación

aceptado

Artículo

VDB-65660

CPE

listo

EPSS

0.01530

KEV

no

Actividades

muy bajo

Fuentes

Interested in the pricing of exploits?

See the underground prices here!