CVE-2006-1032 | Vulnerability Database | Aqua Security

Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.

Affected Software

Name	Vendor	Start Version	End Version
Phprpc	Phprpc	0.7 (including)	0.7 (including)
Phprpc	Phprpc	0.8 (including)	0.8 (including)
Phprpc	Phprpc	0.9 (including)	0.9 (including)

References

http://secunia.com/advisories/19028
http://secunia.com/advisories/19058
http://securityreason.com/securityalert/502
http://securitytracker.com/id?1015691
http://www.gulftech.org/?node=research\u0026article_id=00105-02262006
http://www.securityfocus.com/archive/1/426193
http://www.securityfocus.com/bid/16833
http://www.vupen.com/english/advisories/2006/0745
http://secunia.com/advisories/19028
http://secunia.com/advisories/19058
http://securityreason.com/securityalert/502
http://securitytracker.com/id?1015691
http://www.gulftech.org/?node=research\u0026article_id=00105-02262006
http://www.securityfocus.com/archive/1/426193
http://www.securityfocus.com/bid/16833
http://www.vupen.com/english/advisories/2006/0745

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1032
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html