Skip to main content

Vscode Phpmd

1 CVEs product

Monthly

CVE-2021-30124 CRITICAL PATCH Act Now

The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE PHP Vscode Phpmd
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE PHP Vscode Phpmd
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy