Short Name |
HTTP:PHP:PHP-XML-CMD |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP XML Command Execution |
Release Date |
2005/07/07 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against an XML transmission. Attackers can craft a malicious command injection that can lead to arbitrary code execution within the context of the Web server. Multiple Content Management Systems using PHP might be vulnerable to this family of attacks.
XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior versions are affected by this issue. Other applications using this library are also affected.