Description
doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.
Remediation
References
Related Vulnerabilities
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-2901)
Varnish Cache Other Vulnerability (CVE-2013-4090)
WordPress Plugin Activity Log Information Disclosure (2.2.12)
Internet Information Services Other Vulnerability (CVE-2007-2897)
WordPress Plugin Ultimate Addons for Beaver Builder Security Bypass (1.24.0)