CVE-2013-10070 | PHP-Charts 1.0 GET Parameter wizard/url.php eval eval injection (EDB-24201)

A vulnerability has been found in PHP-Charts 1.0 and classified as critical. Affected by this vulnerability is the function eval of the file wizard/url.php of the component GET Parameter Handler. The manipulation leads to improper neutralization of directives in dynamically evaluated code. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2013-10070. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2013-10070 | PHP-Charts 1.0 GET Parameter wizard/url.php eval eval injection (EDB-24201)

Post correlati

CVE-2025-9147 | jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d /index.php view cross site scripting

CVE-2024-7587 | ICONICS Electric MC Works64 default permission (icsa-24-296-01)

CVE-2024-2413 | Intumit SmartRobot up to 6.1.2-202212tw hard-coded key

CVE-2024-31013 | Emlog Pro 2.3 Homepage footer_info cross site scripting (Issue 291)