MidnightBSD

Advisories for fuelphp

CVE-2014-1999 HIGH

The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
fuelphp fuelphp 1.2.1
fuelphp fuelphp 1.6.1
fuelphp fuelphp 1.3
fuelphp fuelphp 1.4
fuelphp fuelphp 1.7
fuelphp fuelphp 1.6
fuelphp fuelphp 1.7.1
fuelphp fuelphp 1.5.1
fuelphp fuelphp 1.1
fuelphp fuelphp 1.2
fuelphp fuelphp 1.5
fuelphp fuelphp 1.5.3
fuelphp fuelphp 1.5.2