CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0059

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile18.68th
PublishedJan 4, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.

Affected Platforms (CPE)

πŸ“¦
Php

Php

= 3.0
πŸ“¦
Php

Php

= 3.0.1
πŸ“¦
Php

Php

= 3.0.2
πŸ“¦
Php

Php

= 3.0.3
πŸ“¦
Php

Php

= 3.0.4
πŸ“¦
Php

Php

= 3.0.5
πŸ“¦
Php

Php

= 3.0.6
πŸ“¦
Php

Php

= 3.0.7
πŸ“¦
Php

Php

= 3.0.8
πŸ“¦
Php

Php

= 3.0.9
πŸ“¦
Php

Php

= 3.0.10
πŸ“¦
Php

Php

= 3.0.11
πŸ“¦
Php

Php

= 3.0.12
πŸ“¦
Php

Php

= 3.0.13

References & Advisories

πŸ”— http://www.securityfocus.com/bid/911
πŸ”— http://www.securityfocus.com/bid/911

Related Vulnerabilities

CVE-2020-2521310.0

The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP cod...

CVE-2020-2418610.0

A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthe...

CVE-2020-896710.0

There is an improper Neutralization of Special Elements used in an SQL Command (SQL Injection) vulnerability in php files of GESIO...

CVE-2020-3594910.0

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated a...