Vendor
critical
advisory
Pheditor Hardcoded Admin Password Leads to Remote Code Execution (CVE-2026-55579)
1 rule 5 TTPsPheditor contains a critical vulnerability (CVE-2026-55579) where a hardcoded default password 'admin' with no forced change mechanism upon first login allows an unauthenticated attacker to gain full administrative access, enabling arbitrary file read/write and remote code execution through the application's terminal feature, leading to complete server compromise.
Pheditor +1
hardcoded-credentials
rce
web-application
cve
web-vulnerability
command-injection
php
1r
5t
high
advisory
Pheditor Authenticated Command Whitelist Bypass via Shell Command Substitution
1 rule 1 TTPPheditor 2.0.4 contains an authenticated command injection vulnerability, CVE-2026-54540, allowing a user with `terminal` permissions to bypass the `TERMINAL_COMMANDS` whitelist by leveraging shell command substitution to execute arbitrary shell commands as the web server user.
Pheditor 2.0.4
web-vulnerability
command-injection
php
1r
1t