Description
doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Js External Link Info Cross-Site Scripting (1.21)
WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)
WordPress Plugin MF Gig Calendar 'page_id' Parameter Cross-Site Scripting (0.9.4.1)
WordPress Plugin PhonePe Payment Solutions Server-Side Request Forgery (1.0.15)