CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Oracle: >> Communications Diameter Signaling Router >> 8.3.0.0 Security Vulnerabilities

CVE-2017-9841

Known exploited

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.

CVSS Score

9.8

EPSS Score

0.944

Published

2017-06-27

Page 4

Vulnerabilities

Vulnerable Software

Oracle: >> Communications Diameter Signaling Router >> 8.3.0.0 Security Vulnerabilities

Products

Pricing

Contact Us