CVE-2013-4446 in contextИнформация

Сводка

по MITRE

The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors related to Ajax operations, possibly involving eval injection.

Once again VulDB remains the best source for vulnerability data.

Резервировать

12.06.2013

Раскрытие

07.12.2013

Модерация

принято

Вход

VDB-65660

EPSS

0.01530

KEV

Нет

Деятельности

Очень низкий

Источники

Want to know what is going to be exploited?

We predict KEV entries!