Lucene search
K

7 matches found

NVD
NVD
added 2018/08/20 9:29 p.m.18 views

CVE-2015-5243

phpWhois allows remote attackers to execute arbitrary code via a crafted whois record...

9.8CVSS9.5AI score0.06195EPSS
Exploits1References6
CVE
CVE
added 2018/08/20 9:0 p.m.51 views

CVE-2015-5243

CVE-2015-5243 affects phpWhois and several forks. The vulnerability arises from the generic_parser_b in the WHOIS data parser, which builds PHP statements and passes them to eval, allowing arbitrary code execution when processing crafted WHOIS records. Impact is remote code execution via manipula...

9.8CVSS9.4AI score0.06195EPSS
Exploits1References6Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/05/29 6:12 p.m.16 views

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

7.5CVSS9.7AI score0.06195EPSS
Exploits1Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/05/29 6:12 p.m.33 views

PHP Code Injection

phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...

9.8CVSS9.7AI score0.06195EPSS
Exploits1Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.18 views

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

7.5CVSS9.7AI score0.06195EPSS
Exploits1Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.25 views

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

7.5CVSS9.7AI score0.06195EPSS
Exploits1Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.23 views

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

7.5CVSS9.7AI score0.06195EPSS
Exploits1Affected Software1
Rows per page
Query Builder