PHP 4.3.x – Microsoft Windows Shell Escape functions Command Execution

PHP 4.3.x – Microsoft Windows Shell Escape functions Command Execution

漏洞ID 1054488 漏洞类型
发布时间 2004-06-07 更新时间 2004-06-07
图片[1]-PHP 4.3.x – Microsoft Windows Shell Escape functions Command Execution-安全小百科CVE编号 N/A
图片[2]-PHP 4.3.x – Microsoft Windows Shell Escape functions Command Execution-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24173
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10471/info

PHP is reportedly prone to a command execution vulnerability in its shell escape functions. This issue is due to a failure of PHP to properly sanitize function arguments.

This issue might allow an attacker to execute arbitrary shell commands on a computer running the vulnerable software within the security context of the web server; potentially leading to unauthorized access. Other attacks are also possible.

This issue is reported to affect PHP under Microsoft Windows version 4.3.3 and 4.3.5, it is likely that other Microsoft Windows versions are affected as well.

" || dir ||

相关推荐: Finjan SurfinGate Trailing Character URL Filter Bypassing Vulnerability

Finjan SurfinGate Trailing Character URL Filter Bypassing Vulnerability 漏洞ID 1101559 漏洞类型 Input Validation Error 发布时间 2002-09-04 更…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享