Vendor Phpunit Phpunit Src: Util Php Eval-stdin.php Exploit

File: phpunit/src/Util/PHP/eval-stdin.php

#!/usr/bin/env php <?php eval('?>'.file_get_contents('php://input')); This script would read from php://input (raw POST data) and execute it as PHP code - no authentication, no restrictions. Attackers could send a POST request containing PHP code to eval-stdin.php :

File: phpunit/src/Util/PHP/eval-stdin.php

#!/usr/bin/env php <?php eval('?>'.file_get_contents('php://input')); This script would read from php://input (raw POST data) and execute it as PHP code - no authentication, no restrictions. Attackers could send a POST request containing PHP code to eval-stdin.php :

© AEMET. Autorizado el uso de la información y su reproducción citando a AEMET como autora de la misma.

Widget

ico-widget El tiempo en tu web

Descarga nuestra App

Aplicación oficial 'El Tiempo de AEMET' (Android e iOS) App Oficial Android e iOS

Síguenos

Facebook
X
Instagram
Threads
Bluesky
LinkedIn
YouTube
Blog
RSS