CVE-2007-4596

PHP - RCE

Title source: llm

Description

The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments.

Exploits (1)

exploitdb WORKING POC VERIFIED

by NetJackal · phplocalwindows

https://www.exploit-db.com/exploits/4314

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/4314

Scores

EPSS 0.0492

EPSS Percentile 89.6%

Details

CWE

CWE-94

Status published

Products (1)

php/php

Published Aug 30, 2007

Tracked Since Feb 18, 2026