CVE-2024-1874 | PHP up to 8.1.27/8.2.17/8.3.4 on Windows proc_open command injection

Inserito da Angelo Barbosa | Apr 13, 2024 | CVE

A vulnerability classified as critical has been found in PHP up to 8.1.27/8.2.17/8.3.4 on Windows. This affects the function proc_open. The manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2024-1874. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1874 | PHP up to 8.1.27/8.2.17/8.3.4 on Windows proc_open command injection

Post correlati

CVE-2024-36790 | Netgear WNR614/N300 cleartext storage

CVE-2023-52712 | Huawei CurieM-WFG9B 2.28 SMI AmdPspP2CmboxV2 access control

CVE-2024-26934 | Linux Kernel up to 6.9-rc1 drivers/usb/core/sysfs.c usb_deauthorize_interface deadlock

CVE-2024-3560 | LearnPress Plugin up to 4.2.6.4 on WordPress cross site scripting