Floragasse 7 – 5th floor, 1040 Vienna

News

Security Advisory: CVE-2015-5243 rediscovered: phpWhois before 5.1.0 PHP Code Injection

phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned
WHOIS data. This allows attackers controlling the WHOIS information of a
requested domain to execute arbitrary PHP code in the context of the application.

Full security advisory: https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180425-01_phpWhois_Code_Execution

This Website uses Cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close