CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2017-9841

Kritik(9.8)

Util/PHP/eval-stdin.php PHPUnit-da 4.8.28-dan oldin va 5.x-dan 5.6.3-dan oldin masofaviy tajovuzkorlarga HTTP POST ma'lumotlari orqali o'zboshimchalik bilan PHP kodini bajarishga imkon beradi, buni /vendor.e papkasiga, tashqi kirish ruxsati ochiq bo'lgan saytga qilingan hujumda ko'rsatilishi mumkin. /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.

Vendor

Phpunit Project

Product

Phpunit

CVSS Score

9.8

Nashr sanasi

27-iyn, 2017

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Manbalar

http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/
http://www.securityfocus.com/bid/101798
http://www.securitytracker.com/id/1039812
https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
https://github.com/sebastianbergmann/phpunit/pull/1956

CVE-2017-9841 | CyberNewsUz | CyberNewsUz