Code Injection via Backticks

Description

The use of backticks may lead to command injection vulnerabilities, allowing an attacker to execute arbitrary system commands.

Examples

Insecure Code

php

`echo $input;`;

Secure Code

php

$output = shell_exec('echo '. escapeshellarg($input));

Remediation

Use a safer alternative, such as the exec or system functions with proper input validation and sanitization, or consider using a PHP library that provides a safer way to execute system commands.

Rule Details

Field	Value
ID	CODE-0746
Category	Injection
Severity	CRITICAL
CWE	CWE-94
Confidence	HIGH
Impact	HIGH
Likelihood	MEDIUM
Exploitability	EASY
Tags	command injection, code injection
OWASP	A1:2017-Injection, A03:2021-Injection

References

https://www.php.net/manual/en/language.operators.execution.php
https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/BadFunctions/BackticksSniff.php

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Code Injection via Backticks

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Code Injection via Backticks ​

Description ​

Examples ​

Insecure Code ​

Secure Code ​

Remediation ​

Rule Details ​

References ​

Code Injection via Backticks

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References