Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:PHPWIKI-SHELL-CE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	PhpWiki Shell Metacharacters Remote Code Execution
Release Date	2015/06/09
Update Number	2503
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: PhpWiki Shell Metacharacters Remote Code Execution

This signature detects attempts to exploit a known vulnerability against PhpWiki. A successful exploit can lead to remote code execution.

Extended Description

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of these details are obtained from third party information.

Affected Products

Phpwiki_project phpwiki 1.5.0

References

CVE: CVE-2014-5519
URL: https://sourceforge.net/p/phpwiki/code/8974/?page=1
URL: http://seclists.org/fulldisclosure/2014/Aug/77

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: PhpWiki Shell Metacharacters Remote Code Execution

Extended Description

Affected Products

References