Home / os / winmobile

xdebug Unauthenticated OS Command Execution

Posted on 02 May 2018

This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user.

 

TOP