CVE-2008-5920
The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.
| Software | From | Fixed in |
|---|---|---|
| tigris / websvn | 1.20 | 1.20.x |
| tigris / websvn | 1.34 | 1.34.x |
| tigris / websvn | 1.02 | 1.02.x |
| tigris / websvn | 1.03 | 1.03.x |
| tigris / websvn | 1.37 | 1.37.x |
| tigris / websvn | 1.51 | 1.51.x |
| tigris / websvn | 1.39 | 1.39.x |
| tigris / websvn | 1.10 | 1.10.x |
| tigris / websvn | 1.32 | 1.32.x |
| tigris / websvn | 1.60 | 1.60.x |
| tigris / websvn | 1.00 | 1.00.x |
| tigris / websvn | 1.38 | 1.38.x |
| tigris / websvn | 1.01 | 1.01.x |
| tigris / websvn | 1.40 | 1.40.x |
| tigris / websvn | 1.62 | 1.62.x |
| tigris / websvn | 1.31a | 1.31a.x |
| tigris / websvn | 1.04 | 1.04.x |
| tigris / websvn | 1.61 | 1.61.x |
| tigris / websvn | 1.33 | 1.33.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime