Impact
Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data (files) from PC but only on the manual call of the function in the app.
Patches
Not currently patched. I'm currently looking for any safer alternatives to this function.
Workarounds
This won't affect your PC if you will not use the "For Developers" console. Just don't try to do anything via it.
References
PHP documentation on eval()
For more information
If you have any questions or comments about this advisory:
- Comment below
- Read more on the internet
- Email me at yaBobJonez
Impact
Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing any PHP code within iPear which may change, damage, or steal data (files) from PC but only on the manual call of the function in the app.
Patches
Not currently patched. I'm currently looking for any safer alternatives to this function.
Workarounds
This won't affect your PC if you will not use the "For Developers" console. Just don't try to do anything via it.
References
PHP documentation on eval()
For more information
If you have any questions or comments about this advisory: