|Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR
XML-RPC for PHP), as used in multiple products including (1) Drupal,
(2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote
attackers to execute arbitrary PHP code via certain nested XML tags in
a PHP document that should not be nested, which are injected into an
eval function call, a different vulnerability than CVE-2005-1921.