CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- June 24, 2017
- Published Date
- June 27, 2017
- Last Updated
- February 07, 2025
- Vendor
- n/a
- Product
- n/a
- Description
- Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "
CVSS Scores
SSVC Information
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-02-15 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-9841.yaml | 2025-04-26 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
Chocapikk/CVE-2017-9841
Type: github • Created: 2023-08-27 21:20:19 UTC • Stars: 4
MrG3P5/CVE-2017-9841
Type: github • Created: 2023-03-13 07:42:32 UTC • Stars: 4
dream434/CVE-2017-9841
Type: github • Created: 2022-11-21 16:36:48 UTC • Stars: 1
jax7sec/CVE-2017-9841
Type: github • Created: 2022-04-20 07:01:20 UTC • Stars: 0
p1ckzi/CVE-2017-9841
Type: github • Created: 2022-04-09 11:12:58 UTC • Stars: 2
akr3ch/CVE-2017-9841
Type: github • Created: 2022-03-20 07:01:52 UTC • Stars: 2
cyberharsh/Php-unit-CVE-2017-9841
Type: github • Created: 2020-06-24 09:37:04 UTC • Stars: 0
mbrasile/CVE-2017-9841
Type: github • Created: 2020-01-06 23:27:15 UTC • Stars: 0