Neutered Puppy Masquerade
buttle

Command Injection

Severity: critical

Overview

All versions of buttle are vulnerable to command injection. Remote command execution is possible when buttle is run with the --php-bin flag.

Remediation

No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time.

Vulnerable versions

0.0.1
5 years ago
0.0.2
5 years ago
0.0.3
5 years ago
0.0.4
5 years ago
0.0.5
4 years ago
0.0.7
4 years ago
0.0.8
4 years ago
0.0.9
4 years ago
0.0.10
4 years ago
0.1.0
3 years ago
0.1.1
3 years ago
0.2.0
3 years ago

Unaffected versions

Resources

Advisory timeline

  1. published

    Advisory published
    May 16th, 2018
  2. reported

    May 16th, 2018