Full Baslik: php-Charts 1.0 Arbitrary PHP Code Execution Vulnerability 
Kategori: web applications
Platform: php
This Metasploit module exploits a PHP code execution vulnerability in php-Charts version 1.0 which could be abused to allow users to execute arbitrary PHP code under the context of the webserver user. The 'url.php' script calls eval() with user controlled data from any HTTP GET parameter name.

# 0day.today @ http://0day.today/