CVE-2012-10037

PhpTax pfilez Parameter Exec Remote Code Injection

CVSS 9.3 CRITICALEPSS 1.4%CWE-78

PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

PhpTax · PhpTax

public PoCs found — 3

cve_referenceraw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phptax_exec.rbunverified cve_referencewww.exploit-db.com/exploits/21665unverified cve_referencewww.exploit-db.com/exploits/21833unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phptax_exec.rb https://sourceforge.net/projects/phptax/https://www.exploit-db.com/exploits/21665 https://www.exploit-db.com/exploits/21833