mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-05 06:10:47 +00:00
847 B
847 B
CVE-2014-5519
Description
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.
POC
Reference
- http://packetstormsecurity.com/files/128031/PhpWiki-Ploticus-Command-Injection.html
- http://seclists.org/fulldisclosure/2014/Aug/77
- http://seclists.org/oss-sec/2014/q3/456
Github
No PoCs found on GitHub currently.