Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1437 — S Engelschall Eperl vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

7.1%

top 8.43%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Ralf S Engelschall Eperl

Timeline

PublishedJul 7

Latest updateApr 30

Description

ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDralf_s_engelschall/eperl2.2.12

🔴Vulnerability Details

GHSA

GHSA-74xc-6hpg-hp8m: ePerl 2↗2022-04-30

▶

CVEList

CVE-1999-1437: ePerl 2↗2002-03-09

▶

💥Exploits & PoCs

Exploit-DB

Ralf S. Engelschall ePerl 2.2.12 - Handling of ISINDEX Query↗1998-07-06

▶