PT-2005-3450 · E107 · E107 Eping Plugin

Published: 2005-08-16 · Updated: 2024-02-14 · CVE-2005-2559

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

e107 ePing plugin versions 1.02 and earlier

Description

The issue allows remote attackers to execute arbitrary code or overwrite files. This can be achieved through shell metacharacters in the eping count parameter or restricted shell metacharacters such as ">" and "&" in the eping host parameter. The validation function does not properly handle these parameters.

Recommendations

For e107 ePing plugin versions 1.02 and earlier, consider disabling the doping.php file until a patch is available. Restrict access to the eping count and eping host parameters to minimize the risk of exploitation. Avoid using restricted shell metacharacters in the eping host parameter.
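
A sketch of the input handling this class of bug calls for, added here as an example; it is not the ePing plugin's code or an official patch. The function names, the limit of 10 and the Unix-style `ping -c` invocation are assumptions. It requires PHP 7.4 or later for the array form of proc_open, which starts the process without a shell.

```php
<?php
// Added example: hypothetical hardened handler, not code from the ePing plugin.

/** Return the count as an int in [1, $max], or null unless it is plain decimal digits. */
function validate_count(string $raw, int $max = 10): ?int
{
    // ctype_digit() rejects signs, whitespace and every shell metacharacter.
    if ($raw === '' || strlen($raw) > 3 || !ctype_digit($raw)) {
        return null;
    }
    $n = (int) $raw;
    return ($n >= 1 && $n <= $max) ? $n : null;
}

/** Return the host if it is an IP literal or an RFC 1123 hostname, else null. */
function validate_host(string $raw): ?string
{
    if (filter_var($raw, FILTER_VALIDATE_IP) !== false) {
        return $raw;
    }
    if (strlen($raw) > 253) {
        return null;
    }
    // Allowlist: labels of letters, digits and inner hyphens. A leading "-"
    // is impossible, so the value cannot be read by ping as an option.
    $label = '[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?';
    $ok = preg_match('/\A' . $label . '(?:\.' . $label . ')*\z/', $raw) === 1;
    return $ok ? $raw : null;
}

/** Run ping with validated arguments; returns its output or null on rejection. */
function run_ping(string $rawHost, string $rawCount): ?string
{
    $host = validate_host($rawHost);
    $count = validate_count($rawCount);
    if ($host === null || $count === null) {
        return null; // reject instead of trying to strip bad characters
    }
    // Array form (PHP >= 7.4): arguments go to the process directly, no shell parsing.
    $spec = [1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']];
    $proc = proc_open(['ping', '-c', (string) $count, $host], $spec, $pipes);
    if (!is_resource($proc)) {
        return null;
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return $out === false ? null : $out;
}
```

With this in place, constructed inputs such as a host of `a&b` or `host>out.txt`, or a count of `3&`, return null before any process is started, while `127.0.0.1` with a count of `3` is accepted.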

Related Identifiers

CVE-2005-2559

Affected Products

E107 Eping Plugin