CVE-2007-1382
PHP COM - RCE
Title source: llmDescription
The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · phplocalwindows
https://www.exploit-db.com/exploits/3429
Scores
EPSS
0.0020
EPSS Percentile
42.0%
Details
Status
published
Products (1)
php/com_extensions
Published
Mar 10, 2007
Tracked Since
Feb 18, 2026