CVE-2018-19290P2CRITICALCVSS 9.8PoC≥ 0.6, ≤ 4.02018-11-30
CVE-2018-19290 [CRITICAL] CWE-78 CVE-2018-19290: In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers
In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as demonstrated by the "!calc 5 x 5" command. In versions before 3.0, modules/HELPBOT_MODULE/ca
nvd