CVE-2012-10037 PUBLISHED

PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.

• Jean Pascal Pereira finder

• https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/phptax_exec.rb
• https://www.exploit-db.com/exploits/21665
• https://www.exploit-db.com/exploits/21833
• https://sourceforge.net/projects/phptax/

• CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE

• CAPEC-88 OS Command Injection