[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"vulnerability-21712":17,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":44},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},{"id":18,"detectable_with":19,"vuln_details":26,"vuln_id":41,"name":42,"published":43,"updated":27},21712,{"tool":20,"engine":23},{"id":21,"name":22},1,"Network Scanner",{"id":24,"name":25},3,"OpenVAS",{"id":18,"codename":27,"description":27,"severity":27,"risk_description":28,"public_description":29,"public_recommendation":30,"recommendation":27,"references":31,"cvssv3":27,"epss_score":36,"epss_percentile":37,"cve":38,"in_cisa_catalog":40,"date":27,"software_type":27,"vendor":27,"product":27,"ptt_exploit_capabilities":27},null,"This flaw is due to improper validation of data passed into name and HTTP_RAW_POST_DATA parameters in ofc_upload_image.php which can be exploited to create php files containing malicious php code. Successful exploitation will let the remote attackers execute malicious PHP code to compromise the remote machine running the vulnerable application.","Piwik is prone to PHP Code Execution vulnerability.","No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.",[32,33,34,35],"http://secunia.com/advisories/37078","http://www.securityfocus.com/bid/37314","http://www.openwall.com/lists/oss-security/2009/12/14/1","http://packetstormsecurity.org/0910-exploits/piwik-upload.txt",0.91085,0.99639,[39],"CVE-2009-4140",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.900992","Piwik 0.2.35 - 0.4.3 PHP Code Execution Vulnerability","2018-01-02T00:00:00Z",["Island",45],{"key":46,"params":47,"result":49},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":48},"{\"text-color\":\"gray\"}",{"head":50},{}]