YouPHPTube.checkConfiguration.php.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in YouPHPTube.
A remote attacker with knowledge of the database credentials could exploit this vulnerability by sending a crafted request to checkConfiguration.php and then subsequently browsing to the homepage. Successful exploitation could result in arbitrary code execution on the target system under the context of the server process.
Affected Products
YouPHPTube YouPHPTube 7.4
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/YouPHPTube/YouPHPTube/commit/b32b410c9191c3c5db888514c29d7921f124d883
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |