Skip to content

Create basicrce.php

91d3e70
Select commit
Loading
Failed to load commit list.
Open

Create basicrce.php #284

Create basicrce.php
91d3e70
Select commit
Loading
Failed to load commit list.
ZeroPath AI / Security Check failed Dec 3, 2025 in 2s

Scan completed

Blocking issue(s) found.

Details

Possible security or compliance issues detected. Reviewed everything up to 91d3e70.

The following issues were found:

  • OS Command Injection / Remote Code Execution (RCE)
    • Location: basicrce.php:5
    • Score: CRITICAL (100.0)
    • Description: Critical remote code execution: user-controlled input from the HTTP GET parameter 'cmd' is passed directly into PHP's system() function, which executes the string in a shell. This allows an attacker to inject arbitrary OS commands (for example using ;, &&, |, backticks, $(...), etc.), resulting in full server compromise, data exfiltration, or lateral movement.
    • Link to UI: https://zeropath.com/app/issues/5b25a60e-7682-4b7c-9aca-b2ec5133d191
Security Overview
Detected Code Changes
Change Type Relevant files
New file ► basicrce.php
    Add basicrce.php

Reply to this PR with @zeropath-ai followed by a description of what change you want and we'll auto-submit a change to this PR to implement it.