Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains a Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in function pgp_exec() phkp.php:98 that can result in It is possible to manipulate gpg-keys or execute commands remotely. This attack appear to be exploitable via HKP-Api: /pks/lookup?search.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHKP 命令注入漏洞
Vulnerability Description
PHKP是一款基于PHP的OpenPGP HTTP秘钥服务器协议的实现。 PHKP commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b版本中的phkp.php文件的‘pgp_exec()’函数存在命令注入漏洞。远程攻击者可利用该漏洞篡改gpg-keys或执行命令。
CVSS Information
N/A
Vulnerability Type
N/A