MongoDB-Rox / phpMoAdmin-MongoDB-Admin-Tool-for-PHP

MongoDB administration tool for PHP built on a stripped-down version of the Vork high-performance framework
http://www.phpMoAdmin.com
GNU General Public License v3.0
187 stars, 86 forks

Reintroducing old security flaws #30

Open wireghoul opened 6 years ago

wireghoul commented 6 years ago

Hello,

I noticed that you reverted the security patch from in version 1.1.5, thus commit #d9f34eebffb8efb4dfe2ff8e429b97f7e16f0999 reintroduced remote code execution again.

This issue has been assigned the following identifier: CVE-2018-3816 and I hope you can resolve this issue properly this time.

S4lt5 commented 1 year ago

Yeah, please don't use this software. It looks like the dev quietly reintroduced vulns with no documentation.