Summary
PhpTax is prone to a remote arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.
An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application.
PhpTax 0.8 is vulnerable
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.7
AV:N/AC:L/Au:N/C:C/I:P/A:C
Related Vulnerabilities
- Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
- Apache Tomcat Windows Installer Privilege Escalation Vulnerability
- AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
- Admin Bot 'news.php' SQL Injection Vulnerability
- Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability