PHPUnit is a programmer-oriented testing framework for PHP. Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via …

2024年12月17日 · The vulnerability exists due to an insecure eval () function call in PHPUnit’s Eval-stdin.php file, which allows an attacker to execute arbitrary PHP code if they have access …

2021年10月6日 · Here, somebody asked your server on 26/Sep/2021:20:13:33 +0000 for /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php. Your server answered, again, with code 401.

2019年4月8日 · 想快速复现CVE-2017-9841漏洞？本指南通过Docker一键搭建环境，提供从配置到POST请求的完整复现步骤，助你快速验证此PHPUnit远程代码执行风险。

2017年6月27日 · CVE-2017-9841 : Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginni

2025年10月21日 · Secure .gov websites use HTTPS A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

2017年6月27日 · PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an …

PHPUnit eval-stdin.php remote command execution vulnerability CVE-2017-9841 Vulnerability Description In the version before PHPUnit 5.6.3, there is a remote code execution vulnerability, …

2019年9月5日 · CVE-2017-9841: Drupal Sites Exploited Using PHPUnit Vulnerability in Mailchimp Modules (PSA-2019-0904) Published: 2019-09-05 Attackers are leveraging a vulnerability …

2021年3月10日 · It didn't have PHPUnit on there but it tried to hit this file when it wasn't present. The same attack also tried a common attack targeting a rare Chinese PHP framework called …