A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code ... - GitHub
The fix was surgical: remove the file, revoke keys, patch the deployment pipeline. But Maya couldn't shake the feeling. A 3-line PHP file, left behind by accident, had nearly cost them everything. vendor phpunit phpunit src util php eval-stdin.php exploit
CVE-2017-9841 (Primary), related to component usage. Affected Component: <phpunit>/src/Util/PHP/eval-stdin.php Severity: Critical (CVSS 9.8) Affected Versions: PHPUnit before 4.8.28 and 5.x before 5.6.3. A PoC exploit for CVE-2017-9841 - PHPUnit Remote Code
