CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2692

The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.093

EPSS Ranking 92.4%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2004-2692

Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.2

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.2
Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.3

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.3
Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.4

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.4
Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.5

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.5
Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.6

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.6
Kyberdigi Labs » Php-Exec-Dir » Version: 4.3.7

cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2692

Products

Pricing

Contact Us