Page 5 of 21 results (0.004 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-4672
https://notcve.org/view.php?id=CVE-2014-4672
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property. El widget CDetailView en Framework PHP de Yii versión 1.1.14, permite a los atacantes remotos ejecutar scripts PHP arbitrarios por medio de vectores relacionados con la propiedad value. • http://www.yiiframework.com/news/78/yii-1-1-15-is-released-security-fix • CWE-94: Improper Control of Generation of Code ('Code Injection') •