Описание
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-5519
- http://osvdb.org/show/osvdb/110576
- http://packetstormsecurity.com/files/128031/PhpWiki-Ploticus-Command-Injection.html
- http://seclists.org/fulldisclosure/2014/Aug/77
- http://seclists.org/oss-sec/2014/q3/456
- http://seclists.org/oss-sec/2014/q3/465
- http://secunia.com/advisories/60293
- http://www.exploit-db.com/exploits/34451
Связанные уязвимости
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execut ...