CVE-2013-10070
CVE-2013-10070 is a critical-severity vulnerability with a CVSS 4.0 base score of 10.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-95.
Key facts
- Severity: Critical (CVSS 4.0 base score 10.0)
- EPSS exploit prediction: 1% (70th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2013-7280
- Weakness: CWE-95
- Published:
- Last modified:
Description
PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host system.
Frequently asked questions
- What is CVE-2013-10070?
- PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host system.
- How severe is CVE-2013-10070?
- CVE-2013-10070 has a CVSS 4.0 base score of 10.0, rated critical severity.
- Is CVE-2013-10070 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (70th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2013-10070?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- Does CVE-2013-10070 have an EU (EUVD) identifier?
- Yes. CVE-2013-10070 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2013-7280.
- When was CVE-2013-10070 published?
- CVE-2013-10070 was published on 2025-08-05 and last updated on 2026-06-16.
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/php_charts_exec.rb
- https://web.archive.org/web/20130120234844/http://php-charts.com/
- https://www.exploit-db.com/exploits/24201
- https://www.exploit-db.com/exploits/24273
- https://www.vulncheck.com/advisories/php-charts-php-code-execution
Other CWE-95 (Eval Injection) vulnerabilities
- CVE-2026-44643 — Critical (CVSS 10.0): Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an…
- CVE-2025-68271 — Critical (CVSS 10.0): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems.…
- CVE-2022-36010 — Critical (CVSS 10.0): This library allows strings to be parsed as functions and stored as a specialized component,…
- CVE-2026-1470 — Critical (CVSS 9.9): n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system.…
- CVE-2023-29511 — Critical (CVSS 9.9): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with…
- CVE-2022-41931 — Critical (CVSS 9.9): xwiki-platform-icon-ui is vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval…