https://github.com/k3ystr0k3r/cve-2017-9841-exploit

A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code Execution(RCE)
https://github.com/k3ystr0k3r/cve-2017-9841-exploit

cve-1017-9841 exploit exploitation php phpunit poc proof-of-concept rce remote-code-execution-rce

Last synced: 4 months ago
JSON representation

A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code Execution(RCE)

Host: GitHub
URL: https://github.com/k3ystr0k3r/cve-2017-9841-exploit
Owner: K3ysTr0K3R
Created: 2025-06-10T19:10:49.000Z (5 months ago)
Default Branch: main
Last Pushed: 2025-06-28T16:10:48.000Z (4 months ago)
Last Synced: 2025-06-28T17:23:46.907Z (4 months ago)
Topics: cve-1017-9841, exploit, exploitation, php, phpunit, poc, proof-of-concept, rce, remote-code-execution-rce
Language: Go
Homepage:
Size: 3.91 KB
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# CVE-2017-9841 - PHPUnit Remote Code Execution(RCE)

This vulnerability affects PHPUnit versions before 4.8.28 and all 5.x versions before 5.6.3. It allows attackers to execute arbitrary PHP code on servers where PHPUnit is exposed. The issue exists in the `eval-stdin.php` file located in PHPUnit's Util/PHP directory. When this file is accessible (typically when the /vendor folder is exposed), attackers can send malicious HTTP POST requests containing PHP code starting with `

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/k3ystr0k3r/cve-2017-9841-exploit

Awesome Lists containing this project

README