Описание
Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters.
EPSS
Процентиль: 48%
0.00246
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
debian
2 дня назад
Pinger 1.0 contains a remote code execution vulnerability that allows ...
CVSS3: 9.8
github
2 дня назад
Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters.
EPSS
Процентиль: 48%
0.00246
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78