Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
References
Link | Resource |
---|---|
http://bugs.sitracker.org/view.php?id=1737 | Exploit |
http://www.exploit-db.com/exploits/18132/ | Exploit |
http://www.openwall.com/lists/oss-security/2011/11/22/3 | Exploit |
http://www.securityfocus.com/archive/1/520577 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2022-10-03T16:15:15
Updated: 2022-10-03T16:15:15
Reserved: 2022-10-03T00:00:00
Link: CVE-2011-4337
JSON object: View
NVD Information
Status : Analyzed
Published: 2012-01-29T11:55:01.830
Modified: 2012-02-02T05:00:00.000
Link: CVE-2011-4337
JSON object: View
Redhat Information
No data.
CWE