6 matches found
EUVD-2022-3545
Malicious code in bioql PyPI...
GHSA-C95F-27GX-6VQ9 phpWhois arbitrary code execution via a crafted whois record
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...
CVE-2015-5243
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...
Code injection
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...
CVE-2015-5243
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...
CVE-2015-5243
CVE-2015-5243 affects phpWhois and several forks. The vulnerability arises from the generic_parser_b in the WHOIS data parser, which builds PHP statements and passes them to eval, allowing arbitrary code execution when processing crafted WHOIS records. Impact is remote code execution via manipula...