How one man could have pwned all your PHP programs

2018-08-30 15:13

Popular PHP package repository front end Packagist turned out to have an embarrassing command injection hole - now closed!

News URL

https://nakedsecurity.sophos.com/2018/08/30/how-one-man-could-have-pwned-all-your-php-programs/

#PHP

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
PHP		9	1	43	113	123	280

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.