Description
The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2017-7668)
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
MySQL CVE-2022-21249 Vulnerability (CVE-2022-21249)
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)
WordPress Plugin Titan Anti-spam & Security Cross-Site Scripting (4.1)