CVE-2007-5693

Description

Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492.

References

http://www.vupen.com/english/advisories/2007/3768

http://www.securityfocus.com/archive/1/482499/100/0/threaded

http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml

http://www.debian.org/security/2007/dsa-1423

http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup

http://securityreason.com/securityalert/3318

http://secunia.com/advisories/28008

http://secunia.com/advisories/27503

http://osvdb.org/43604

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3