Security Researcher Orange Tsai recently discovered a critical argument injection vulnerability in PHP CGI that could allow attackers to execute arbitrary code without any authentication, leading to possible system compromise. The use of PHP CGI has faded over time; however, CVE-2024-4577 affects the default configuration of XAMPP. XAMPP is a popular software used by PHP … Continue reading “PHP CGI Argument Injection Vulnerability (CVE-2024-4577)”