Unrated severityNVD Advisory· Published Aug 15, 2005· Updated Apr 16, 2026
CVE-2005-2498
CVE-2005-2498
Description
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
Affected products
2- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
33- www.hardened-php.net/advisory_152005.67.htmlnvdNot ApplicablePatchVendor Advisory
- marc.infonvdThird Party Advisory
- marc.infonvdThird Party Advisory
- marc.infonvdThird Party Advisory
- www.debian.org/security/2005/dsa-789nvdMailing ListThird Party Advisory
- www.debian.org/security/2005/dsa-798nvdMailing ListThird Party Advisory
- www.debian.org/security/2005/dsa-842nvdMailing ListThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-200509-19.xmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/408125nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/14560nvdBroken LinkThird Party AdvisoryVDB Entry
- secunia.com/advisories/16431nvdBroken Link
- secunia.com/advisories/16432nvdBroken Link
- secunia.com/advisories/16441nvdBroken Link
- secunia.com/advisories/16460nvdBroken Link
- secunia.com/advisories/16465nvdBroken Link
- secunia.com/advisories/16468nvdBroken Link
- secunia.com/advisories/16469nvdBroken Link
- secunia.com/advisories/16491nvdBroken Link
- secunia.com/advisories/16550nvdBroken Link
- secunia.com/advisories/16558nvdBroken Link
- secunia.com/advisories/16563nvdBroken Link
- secunia.com/advisories/16619nvdBroken Link
- secunia.com/advisories/16635nvdBroken Link
- secunia.com/advisories/16693nvdBroken Link
- secunia.com/advisories/16976nvdBroken Link
- secunia.com/advisories/17053nvdBroken Link
- secunia.com/advisories/17066nvdBroken Link
- secunia.com/advisories/17440nvdBroken Link
- www.debian.org/security/2005/dsa-840nvdMailing List
- www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.htmlnvdBroken Link
- www.novell.com/linux/security/advisories/2005_49_php.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2005-748.htmlnvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9569nvdBroken Link
News mentions
0No linked articles in our index yet.