CVE CVE-2015-2945 Mappings

mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2015-2945 n/a uncategorized T1059 Command and Scripting Interpreter
CVE-2015-2945 n/a uncategorized T1068 Exploitation for Privilege Escalation