CVE-2015-2208
72Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 62%
from disclosure to weapon0 days
Published on NVDMar 12
1st PoCMar 3
metasploitMar 3
VulnCheck+2091d
exploitation probability
62%top 1% of all CVEs
observed exploitation
yesVulnCheck
4 public exploit(s)
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.
Affected products
n/a · n/apublic PoCs found — 4
githubgithub.com/ptantiku/cve-2015-2208★ 2cve_referencepacketstormsecurity.com/files/130685/PHPMoAdmin-1.1.2-Remote-Code-Execution.htmlunverifiedcve_referencewww.exploit-db.com/exploits/36251unverifiedexploitdbwww.exploit-db.com/exploits/36251unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.