University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Ubuntu
Code Injection
Debian
PHP
Debian Linux
+2
NVD
GitHub
Exploit-DB
CVSS 3.1
7.5
EPSS
95.2%
An issue was discovered in SDCMS 1.6 with PHP 5.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Code Injection
RCE
PHP
Sdcms
NVD
GitHub
CVSS 3.0
8.8
EPSS
2.9%