PHP-Ping is "a simple ping utility written in PHP". A vulnerability in the script allows remote attackers to cause the script to execute arbitrary code.
Credit:
The information has been provided by ppp-design.
Due to improper filtering of the count variable, a remote attacker can insert arbitrary commands into the command executed by the PHP script (the ping command).
Example:
You can use one of the following to verify whether your system is vulnerable or not:
http://www.example.com/php-ping.php?count=1+%26+ls%20-l+%26&submit=Ping%21
http://www.example.com/php-ping.php?count=1+%26+cat%20/etc/passwd+%26&submit=Ping%21
Solution:
Add the following (proper) filtering lines:
// replace bad chars
$host = preg_replace("/[^A-Za-z0-9.]/", "", $host);
$count = preg_replace("/[^0-9.]/", "", $count);
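An added example (not part of the original advisory and not PHP-Ping's own code): a stricter variant of the fix that rejects malformed input instead of stripping characters from it, then quotes the host for the shell. The function names, the 1-10 count range and the `ping -c` invocation are assumptions made for illustration.

```php
<?php
// Added example; not PHP-Ping's code. All function names are hypothetical.

// The advisory's filter: strips every character except digits and dots.
function page_filter_count(string $count): string
{
    return preg_replace("/[^0-9.]/", "", $count);
}

// Stricter: accept only a whole number in an assumed 1-10 range, else null.
function validate_count(string $count): ?int
{
    $n = filter_var($count, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 10]]);
    return $n === false ? null : $n;
}

// Accept an IPv4 address or an RFC-style hostname, else null.
// The hostname check also rejects a leading '-', which ping would
// otherwise parse as an option.
function validate_host(string $host): ?string
{
    if (filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        return $host;
    }
    $ok = filter_var($host, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME);
    return ($host === '' || $ok === false) ? null : $host;
}

// Build the command only from validated values; the host is still quoted.
function build_ping_command(string $host, string $count): ?string
{
    $h = validate_host($host);
    $n = validate_count($count);
    if ($h === null || $n === null) {
        return null; // reject the request instead of repairing the input
    }
    return sprintf('ping -c %d %s', $n, escapeshellarg($h));
}

// Constructed inputs: the decoded count from the advisory's first test URL,
// a normal value, and an empty value.
foreach (['1 & ls -l &', '4', ''] as $count) {
    printf("count=%-14s filtered=%-3s command=%s\n",
        var_export($count, true),
        var_export(page_filter_count($count), true),
        var_export(build_ping_command('www.example.com', $count), true));
}
```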