Description
PHP in CGI mode on Windows has an argument injection vulnerability. An unauthenticated attacker can execute arbitrary commands on the affected system by sending a specially crafted HTTP request.
Remediation
Upgrade to the latest version of PHP.
References
Related Vulnerabilities
MySQL CVE-2022-21279 Vulnerability (CVE-2022-21279)
Oracle JRE CVE-2013-5850 Vulnerability (CVE-2013-5850)
Oracle Application Server CVE-2008-3986 Vulnerability (CVE-2008-3986)
Jboss EAP Session Fixation Vulnerability (CVE-2021-20324)
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5323)