header-logo
Suggest Exploit
vendor:
PHPPing
by:
SecurityFocus
7.5
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: PHPPing
Affected Version From: PHPPing 1.0
Affected Version To: PHPPing 1.0
Patch Exists: No
Related CWE: N/A
CPE: a:phpping:phpping:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

A vulnerability in PHPPing

The vulnerability exists in the index.php script file. Some variables are not properly sanitized of malicious shell metacharacters. An attacker can exploit this vulnerability by executing the PHPPing script and include malicious shell metacharacters as values for various parameters.

Mitigation:

No known mitigation
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7030/info

A vulnerability has been reported in PHPPing that may allow remote attackers to execute commands on vulnerable systems.

The vulnerability exists in the index.php script file. Some variables are not properly sanitized of malicious shell metacharacters. An attacker can exploit this vulnerability by executing the PHPPing script and include malicious shell metacharacters as values for various parameters.

http://www.target.com/phpping/index.php?pingto=www.test.com%20|%20dir

Navigation

Suggest Exploit

Services By CQR