Описание
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkPatchVendor Advisory
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.5 (включая) до 4.1.0 (включая)
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03294
Низкий
7.5 High
CVSS2
Дефекты
CWE-88
Связанные уязвимости
redhat
около 24 лет назад
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
github
больше 3 лет назад
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
EPSS
Процентиль: 87%
0.03294
Низкий
7.5 High
CVSS2
Дефекты
CWE-88