Description
A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argument commitId results in OS command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The patch is named cd68d102601320bd319d590b75f7652e66f0685f. It is recommended to apply a patch to fix this issue.
Published: 2026-06-01
Score: 6.9 Medium
EPSS: 1.4% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the GitBuild.php webhook endpoint of php-censor, where an attacker can manipulate the commitId parameter to inject arbitrary operating system commands. This injection flaw allows full control over the host system, potentially compromising confidentiality, integrity, and availability. The CVSS score of 6.9 indicates moderate severity, but the impact is severe if exploited.

Affected Systems

All installations of php-censor up to version 2.1.6 are affected. The attack is triggered remotely through the webhook endpoint and does not require authentication.

Risk and Exploitability

The exploit has been disclosed publicly and is considered feasible, with an EPSS score of 1%. The vulnerability is not listed in the CISA KEV catalog, but the impact of OS command execution warrants urgent attention. Attackers can trigger the injection via the webhook, and the absence of input validation makes exploitation straightforward.
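The missing input validation described above, shown as an added defensive illustration: this is not php-censor's own code and does not reproduce the affected GitBuild.php logic. The function names, the repository path and the sample inputs are assumptions; the point is that a webhook must allow-list the shape of commitId and quote it before any shell use.

```php
<?php
// Added illustrative example, not php-censor's own code. The webhook handler
// must treat commitId as untrusted: allow-list its shape, then quote it.
declare(strict_types=1);

/**
 * Accept only what a git object id looks like: 7 to 40 lowercase hex digits.
 * Shell metacharacters, option-like values ("--...") and ref names are
 * rejected before the value can reach a shell.
 */
function validateCommitId(string $commitId): string
{
    if (!preg_match('/^[0-9a-f]{7,40}$/', $commitId)) {
        throw new InvalidArgumentException('commitId is not a git object id');
    }
    return $commitId;
}

/**
 * Build the checkout command line (the repository path is an assumption).
 * Even after validation the value is quoted as a single argument; never
 * interpolate it raw. On PHP >= 7.4, proc_open() with an array command
 * bypasses the shell entirely and is the stronger choice.
 */
function buildCheckoutCommand(string $repoDir, string $commitId): string
{
    $id = validateCommitId($commitId);
    return sprintf(
        'git -C %s checkout -q %s',
        escapeshellarg($repoDir),
        escapeshellarg($id)
    );
}

// Constructed sample inputs for a quick self-check (run: php this_file.php).
$samples = [
    'cd68d102601320bd319d590b75f7652e66f0685f', // full object id: accepted
    'cd68d10',                                   // abbreviated id: accepted
    'cd68d10; id',                               // shell metacharacters: rejected
    '--output=/tmp/x',                           // option-like value: rejected
];
foreach ($samples as $sample) {
    try {
        echo buildCheckoutCommand('/var/lib/php-censor/builds/1', $sample), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $sample, ' (', $e->getMessage(), ')', PHP_EOL;
    }
}
```

The first two samples produce a quoted git command line; the last two are refused by the allow-list before any command is built, which is the check whose absence the analysis above describes.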

Generated by OpenCVE AI on June 2, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-provided patch identified by commit cd68d102601320bd319d590b75f7652e66f0685f
  • Upgrade php-censor to a version newer than 2.1.6
  • Disable or restrict access to the GitBuild.php webhook endpoint unless absolutely required

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 16:30:00 +0000

Values added (no values removed):
  Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Jun 2026 17:00:00 +0000

Values added (no values removed):
  Description: A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argument commitId results in os command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The patch is named cd68d102601320bd319d590b75f7652e66f0685f. It is recommended to apply a patch to fix this issue.
  Title: php-censor Webhook Endpoint GitBuild.php os command injection
  First Time appeared: Php-censor; Php-censor php-censor
  Weaknesses: CWE-77; CWE-78
  CPEs: cpe:2.3:a:php-censor:php-censor:*:*:*:*:*:*:*:*
  Vendors & Products: Php-censor; Php-censor php-censor
  References: (none listed)
  Metrics:
    cvssV2_0: {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
    cvssV3_0: {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
    cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
    cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-03T15:13:43.085Z

Reserved: 2026-05-31T14:18:58.741Z

Link: CVE-2026-10273

Vulnrichment

Updated: 2026-06-03T15:11:57.618Z

NVD

Status : Deferred

Published: 2026-06-01T17:16:43.883

Modified: 2026-06-03T16:16:25.670

Link: CVE-2026-10273

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T14:45:10Z

Weaknesses
  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')

  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')