Full title: Yaws 2.0.7 XML Injection / Command Injection Vulnerability 
Category: web applications
Platform: php
Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.

# 0day.today @ http://0day.today/