CVE-2006-1032 Information

Description

Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier as used by runcms exoops and possibly other programs allows remote attackers to execute arbitrary PHP code via the base64 tag.

Reference

http://secunia.com/advisories/19028 http://secunia.com/advisories/19058 http://securityreason.com/securityalert/502 http://securitytracker.com/id?1015691 http://www.gulftech.org/?node=research&article_id=00105-02262006 http://www.securityfocus.com/archive/1/426193 http://www.securityfocus.com/bid/16833 http://www.vupen.com/english/advisories/2006/0745