PT-2019-12045 · Php · Php-Shellcommand

Publicado

2019-12-30

·

Atualizado

2022-05-24

·

CVE-2019-10774

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions php-shellcommand versions prior to 1.6.1
Description The issue allows for command injection, which could lead to arbitrary code execution if successfully exploited.
Recommendations For versions prior to 1.6.1, update to version 1.6.1 or later to resolve the issue.

Exploit

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2019-10774
GHSA-C7FV-WV9F-CGJW
SNYK-PHP-MIKEHAERTLPHPSHELLCOMMAND-538426

Produtos afetados

Php-Shellcommand