CVE-2007-5693 Information

Description

Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action a different vulnerability than CVE-2007-5492.

Reference

http://osvdb.org/43604 http://secunia.com/advisories/27503 http://secunia.com/advisories/28008 http://securityreason.com/securityalert/3318 http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup http://www.debian.org/security/2007/dsa-1423 http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml http://www.securityfocus.com/archive/1/482499/100/0/threaded http://www.securityfocus.com/bid/26126 http://www.vupen.com/english/advisories/2007/3768