Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOracle Communications Diameter Signaling Router
APPOracle8.0.0 – 8.5.0Phpunit Project Phpunit
APPPhpunit Project≤ 4.8.275.0.0 – 5.6.3 (bez)
CISA KEV — detailsi
- Vendori
- PHPUnit
- Producti
- PHPUnit
- Added to KEVi
- February 15, 2022
- Remediation deadline (US Federal)i
- August 15, 2022(overdue)
Apply updates per vendor instructions.
PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Related vulnerabilities
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invoc...
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A sp...
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to ...
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0...
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3....