cbcvebase.
CVE-2008-5071
published 2008-11-14

CVE-2008-5071: Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via…

PriorityP351critical9CVSS 2.0
AVNACLAuSCCICAC
EXPLOIT
EPSS
6.28%
92.7th percentile
Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.

Affected

21 ranges
VendorProductVersion rangeFixed in
yoxelyoxel<= 1.23beta
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
yoxelyoxel
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.