RSS   Vulnerabilities for 'Payment client'   RSS

2007-09-18
 
CVE-2007-4925

CWE-20
 

 
The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment Client (ePC) 1.60 and 1.70 allows remote attackers to execute arbitrary commands via shell metacharacters in the paymentinfo parameter to simplePHPLinux/3payment_receive.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top