Index Of Vendor Phpunit Phpunit Src Util Php Evalstdinphp Better 99%

She typed it into her browser, half-expecting a 404. Instead, the screen filled with a directory index—a raw, unfiltered map of the vendor folder.

The vulnerability is rooted in the file Util/PHP/eval-stdin.php . In versions of PHPUnit before and 5.x before 5.6.3 , this file contains a line of code— eval('?>' . file_get_contents('php://input')); —that processes raw data from the HTTP request body. She typed it into her browser, half-expecting a 404

directory (created by Composer) is accidentally left web-accessible in a production environment. FortiGuard Labs Impact and Risk Assessment The vulnerability is rated as and is included in the CISA Known Exploited Vulnerabilities Catalog vulhub/phpunit/CVE-2017-9841/README.md at master - GitHub She typed it into her browser