1.2.1097. Shell Favorite
PHP has several syntaxes to make system calls: shell_exec(), exec() and back-ticks (`) are the common ones.
It was found that one of those three is actually being used over 90% of the time. The remaining cases should be made uniform, so as to make this code consistent.
<?php
// back-ticks ` are only used once.
`back-tick`;
shell_exec('exec1');
shell_exec('exec2');
shell_exec('exec3');
shell_exec('exec4');
shell_exec('exec5');
shell_exec('exec6');
shell_exec('exec7');
shell_exec('exec8');
shell_exec('exec9');
shell_exec('exec10');
shell_exec('exec11');
shell_exec('exec12');
?>
See also Execution Operators, shell_exec() and ptlis/shell-command.
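The counting behind this rule can be reproduced with PHP's tokenizer. The script below is an added example, not Exakat's own implementation; the function names `neighbor`, `shellCallSites` and `minorityShellSyntaxes` and the sample source are assumptions made for illustration, and it assumes PHP 8.0 or later.

```php
<?php
// Added example, not Exakat's implementation. Assumes PHP 8.0+ with the tokenizer extension.
// Nearest token that is not whitespace or a comment, looking forward (+1) or back (-1).
function neighbor(array $tokens, int $i, int $step) {
    for ($i += $step; isset($tokens[$i]); $i += $step) {
        $t = $tokens[$i];
        if (!is_array($t) || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)) { return $t; }
    }
    return null;
}

// Map each shell syntax to the line numbers where it is used.
function shellCallSites(string $source): array {
    $sites = ['shell_exec' => [], 'exec' => [], 'backtick' => []];
    $notCalls = [T_OBJECT_OPERATOR, T_NULLSAFE_OBJECT_OPERATOR, T_DOUBLE_COLON, T_FUNCTION, T_NEW];
    $open = false; // true while inside a `...` pair
    $line = 1;
    $tokens = token_get_all($source);
    foreach ($tokens as $i => $t) {
        if ($t === '`') {
            if (!$open) { $sites['backtick'][] = $line; } // count the opening back-tick only
            $open = !$open;
        }
        if (!is_array($t)) { continue; }
        $line = $t[2] + substr_count($t[1], "\n"); // line on which the next token starts
        if ($open || ($t[0] !== T_STRING && $t[0] !== T_NAME_FULLY_QUALIFIED)) { continue; }
        $name = strtolower(ltrim($t[1], '\\'));
        $prev = neighbor($tokens, $i, -1);
        if (in_array($name, ['shell_exec', 'exec'], true) && neighbor($tokens, $i, 1) === '('
            && !(is_array($prev) && in_array($prev[0], $notCalls, true))) {
            $sites[$name][] = $t[2]; // a plain function call, not a method or a declaration
        }
    }
    return $sites;
}

// Minority call sites, reported only when one syntax covers more than $threshold of all uses.
function minorityShellSyntaxes(array $sites, float $threshold = 0.9): array {
    $counts = array_map('count', $sites);
    arsort($counts);
    $favorite = array_key_first($counts);
    if ($counts[$favorite] === 0 || $counts[$favorite] / array_sum($counts) <= $threshold) { return []; }
    unset($sites[$favorite]);
    return array_filter($sites); // drop syntaxes that are never used
}

// Constructed sample mirroring the page's example: one back-tick, twelve shell_exec() calls.
$sample = "<?php\n`back-tick`;\n" . str_repeat("shell_exec('cmd');\n", 12);
print_r(minorityShellSyntaxes(shellCallSites($sample)));
```

Each reported line is a shell call written in a minority syntax, a candidate for rewriting in the favorite one.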
1.2.1097.1. Connex PHP features
1.2.1097.1.1. Specs
Short name | Php/ShellFavorite
Rulesets |
Exakat since | 0.12.9
PHP Version | All
Severity |
Time To Fix |
Precision | Very high
Available in |