CVE-2020-13756

CRITICAL EXPLOITED IN THE WILD

sabberworm/php_css_parser < 8.3.1 - Remote Code Execution via eval in allSelectors or getSelectorsBySpecificity

Title source: llm

Exploitation Summary

CVE-2020-13756 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including KrE80r.

AI-analyzed exploit summary: This repository provides a vulnerable Docker environment for CVE-2020-13756, a remote code execution vulnerability in Sabberworm PHP CSS Parser. The exploit demonstrates how unsanitized user input passed to `getSelectorsBySpecificity()` leads to arbitrary code execution via `eval()`.

Description

Sabberworm PHP CSS Parser before 8.3.1 calls `eval()` on uncontrolled data, which can lead to remote code execution if `allSelectors()` or `getSelectorsBySpecificity()` is called with attacker-supplied input.

Exploits (1)

nomisec WORKING POC
by KrE80r · poc
https://github.com/KrE80r/CVE-2020-13756-env

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Sabberworm PHP CSS Parser < 8.3.1
Authentication: none required
Prerequisites: Docker · Sabberworm PHP CSS Parser < 8.3.1
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Core References
Release Notes, Third Party Advisory: https://github.com/sabberworm/PHP-CSS-Parser/releases/tag/8.3.1
Exploit, Mailing List, Third Party Advisory: http://seclists.org/fulldisclosure/2020/Jun/7
Exploit, Third Party Advisory, VDB Entry: http://packetstormsecurity.com/files/157923/Sabberworm-PHP-CSS-Code-Injection.html

Scores

CVSS v3: 9.8
EPSS: 0.2785 (percentile 96.6%)
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV: 2022-01-12
InTheWild.io: 2022-01-12
CWE: CWE-94 (Code Injection)
Status: published
Products (2):
sabberworm/php-css-parser 8.3.0 - 8.3.1 (Packagist)
sabberworm/php_css_parser < 8.3.1
Published: Jun 03, 2020
Tracked Since: Feb 18, 2026