Skip to content

Create basicrce.php #284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
r0path wants to merge 1 commit into
base: main
Choose a base branch
from

Create basicrce.php

91d3e70
Select commit
Loading
Failed to load commit list.
Open

Create basicrce.php #284

Create basicrce.php
91d3e70
Select commit
Loading
Failed to load commit list.
ZeroPath AI / Security Check failed Dec 3, 2025 in 2s

Scan completed

Blocking issue(s) found.

Details

Possible security or compliance issues detected. Reviewed everything up to 91d3e70.

The following issues were found:

  • OS Command Injection / Remote Code Execution (RCE)
    • Location: basicrce.php:5
    • Score: CRITICAL (100.0)
    • Description: Critical remote code execution: user-controlled input from the HTTP GET parameter 'cmd' is passed directly into PHP's system() function, which executes the string in a shell. This allows an attacker to inject arbitrary OS commands (for example using ;, &&, |, backticks, $(...), etc.), resulting in full server compromise, data exfiltration, or lateral movement.
    • Link to UI: https://zeropath.com/app/issues/5b25a60e-7682-4b7c-9aca-b2ec5133d191
Security Overview
Detected Code Changes
Change Type Relevant files
New file ► basicrce.php
    Add basicrce.php

Reply to this PR with @zeropath-ai followed by a description of what change you want and we'll auto-submit a change to this PR to implement it.

View more details on ZeroPath AI