RULE(RULE ID:338511)

Rule General Information
Release Date: 2024-11-05
Rule Name: PHP Code Injection Detection - Code Execution Function 60
Severity:
CVE ID:
Rule Protection Details
Description: Code injection vulnerabilities are caused by the application's lax filtering of user input. Attackers can inject code into the server running the application and remotely execute the injected code. This rule is used to detect suspicious PHP code execution functions in HTTP requests.
Impact: An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference:
Solutions
1. Filter and escape user input to ensure that it does not contain malicious Java code.
2. Use safe APIs and functions to execute code. Avoid directly concatenating user input into code.
3. Conduct regular security audits and tests to find potential code injection vulnerabilities and fix them in time.