PHPUnit 漏洞列表

共找到 1 个与 PHPUnit 相关的漏洞

📅 加载漏洞趋势中...

CVE-2017-9841: PHPUnit - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: PHPUnit

PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring via Util/PHP/eval-stdin.php , as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.