WEB APPLICATION VULNERABILITIES Standard & Premium

Perl code injection

Description

This script is vulnerable to Perl injection.

Perl code injection is a vulnerability that allows an attacker to inject custom code into the server side scripting engine. This vulnerability occurs when an attacker can control all or part of an input string that is fed into an eval() function call. eval() will execute the argument as code.

Remediation

Your script should properly sanitize user input.

References

Security Issues in Perl Scripts

Related Vulnerabilities

WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Remote Code Execution (5.5.15)

WordPress Plugin Newsletter Subscription Form Possible Remote Code Execution (1.1.2)

WordPress Plugin WP-Stateless-Google Cloud Storage Remote Code Execution (2.2.0)

WordPress Plugin File Manager Remote Code Execution (4.5)

Multiple vulnerabilities reported in Parallels Plesk Sitebuilder

Severity

Critical

Classification

CWE-94 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Code Execution Acumonitor