Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability - CVE-2002-0985 - Vulnerability Database
PHP

PHP Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability - CVE-2002-0985

High
Reference: CVE-2002-0985
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2002-0985
Title: PHP Improper Neutralization of Argument Delimiters in a Command (Argument Injection) Vulnerability
Overview:

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail() altering MTA behavior and possibly executing commands.