xdebug Unauthenticated OS Command Execution
Posted on 02 May 2018
This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user.