VYPR
Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026

CVE-2004-2692

CVE-2004-2692

Description

The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.2:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:kyberdigi_labs:php-exec-dir:4.3.7:*:*:*:*:*:*:*
    • (no CPE)range: >=4.3.2, <=4.3.7

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.