CVE-2011-10011
Published 2025-08-13
Priority P2 72 · critical · 10 (CVSS 4.0)
CVSS 4.0 vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.59% (72.6th percentile)
WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webid | webid | <= 1.0.2 | — |
Detection & IOCs (extracted from sources)
- Monitor POST requests to converter.php for suspicious or PHP-containing values in the 'to' parameter, which is written unsanitized into includes/currencies.php
- Alert on unexpected modifications to includes/currencies.php, as successful exploitation results in persistent PHP code injection into this file
- No authentication is required to exploit this vulnerability; treat any POST to converter.php from unauthenticated sessions as high-risk
- Vulnerability is specific to WeBid version 1.0.2; detections should be scoped to deployments running this exact version
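One way to implement the first check above, as an added example (not from the advisory or from WeBid): it flags POST bodies sent to converter.php whose `to` field is not a plain three-letter currency code. The allowlist pattern, the `(method, url, body)` record shape and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: a legitimate `to` value is a three-letter currency code.
CURRENCY_CODE = re.compile(r"[A-Za-z]{3}")


def check_request(method, url, body):
    """Return findings for one captured request (body is the raw form-encoded text)."""
    if method.upper() != "POST":
        return []
    # Match converter.php as a path segment, including trailing PATH_INFO.
    segments = urlsplit(url).path.lower().split("/")
    if "converter.php" not in segments:
        return []
    # parse_qs percent-decodes values; keep_blank_values keeps an empty `to` visible.
    fields = parse_qs(body, keep_blank_values=True)
    findings = []
    for value in fields.get("to", []):  # every repeated `to` field is inspected
        if not CURRENCY_CODE.fullmatch(value):
            findings.append(f"unexpected 'to' value: {value!r}")
    return findings


def scan(requests):
    """Return (index, findings) for every request that produced a finding."""
    hits = []
    for i, (method, url, body) in enumerate(requests):
        findings = check_request(method, url, body)
        if findings:
            hits.append((i, findings))
    return hits


# Constructed sample records, e.g. as exported by a proxy that logs POST bodies.
SAMPLE_REQUESTS = [
    ("POST", "/webid/converter.php", "amount=10&from=USD&to=EUR"),
    ("POST", "/webid/converter.php", "amount=10&from=USD&to=EUR%27%3B+%2F%2F+constructed"),
    ("GET", "/webid/converter.php?to=EUR", ""),
    ("POST", "/webid/index.php", "to=not-a-code"),
    ("POST", "/webid/converter.php", "to=EUR&to=x%3By"),
]

if __name__ == "__main__":
    for index, findings in scan(SAMPLE_REQUESTS):
        print(index, findings)
```

Standard web server access logs do not record POST bodies, so the input has to come from a proxy, WAF or application hook that captures them.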
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/webid_converter.rb
- https://sourceforge.net/projects/simpleauction/
- https://web.archive.org/web/20121024110058/http://www.webidsupport.com/forums/showthread.php?3892
- https://www.exploit-db.com/exploits/17487
- https://www.exploit-db.com/exploits/18934
- https://www.vulncheck.com/advisories/webid-remote-php-code-injection