CVE-2013-1349 Information

Description

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.

Reference

http://karmainsecurity.com/KIS-2013-10 http://secunia.com/advisories/55913 http://sourceforge.net/p/opensis-ce/bugs/59/ http://sourceforge.net/p/opensis-ce/code/1009