CVE-2026-2184
OS Command Injection in Great Developers Certificate Generation System
Publication date: 2026-02-08
Last updated on: 2026-02-24
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| greatdevelopers | certificate | to 2017-10-16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2184 is a critical OS command injection vulnerability in the Great Developers Certificate Generation System, specifically in the file /restructured/csv.php. The vulnerability occurs because the 'photo' argument is improperly sanitized before being used in operating system commands, allowing attackers to inject arbitrary OS commands.
This flaw corresponds to CWE-78 (Improper Neutralization of Special Elements used in an OS Command) and is related to CWE-77 and CWE-74. It allows remote attackers to execute commands on the affected system without authentication.
The product uses a rolling release model, so exact affected versions are unclear, and the code repository has been inactive for years, with no known mitigations. [1]
How can this vulnerability impact me?
This vulnerability allows remote attackers to execute arbitrary operating system commands on the affected system without any authentication.
As a result, attackers can compromise the confidentiality, integrity, and availability of the system.
Potential impacts include unauthorized access to sensitive data, modification or deletion of files, disruption of services, and complete system takeover.
Because the system does not validate uploaded archive contents, it is also vulnerable to Zip Slip attacks and file overwrite vulnerabilities, increasing the risk of further exploitation.
Due to the lack of active maintenance and no published mitigations, it is recommended to replace the affected software with an alternative.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying instances of the Great Developers Certificate Generation System that expose the vulnerable file `/restructured/csv.php` to the network. Potential attackers can locate vulnerable instances using Google dorking with queries like `inurl:restructured/csv.php`.
Since the vulnerability involves OS command injection via the `photo` argument, monitoring web requests for suspicious or unusual input in this parameter may help detect exploitation attempts.
No specific detection commands are provided, but network administrators can use web server logs or intrusion detection systems to look for HTTP requests targeting `/restructured/csv.php` with unusual or shell command-like payloads in the `photo` parameter.
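One way to carry out the log review described above, as an added example that is not part of the original advisory or of the affected project. It assumes common/combined-format access logs and that `photo` arrives in the query string; `scan`, `SHELL_META` and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/restructured/csv.php"  # path named in the advisory
PARAM = "photo"                     # argument named in the advisory
# Characters a POSIX shell treats specially; an image filename needs none of them.
SHELL_META = re.compile(r"[;&|`$<>(){}\\\r\n]")
# Common/combined access-log prefix: ip ident user [time] "METHOD target PROTO" status
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Feb/2026:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [08/Feb/2026:10:00:05 +0000] "POST /restructured/csv.php HTTP/1.1" 200 1024',
    '203.0.113.5 - - [08/Feb/2026:10:00:09 +0000] "GET /restructured/csv.php?photo=a.jpg%3Becho+test HTTP/1.1" 200 87',
    '192.0.2.44 - - [08/Feb/2026:10:00:12 +0000] "GET /restructured/csv.php?photo=team.jpg HTTP/1.1" 200 87',
]

def scan(lines):
    """Return one finding per request that reaches the vulnerable endpoint."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not an access-log request line
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(ENDPOINT):
            continue
        # parse_qs percent-decodes, so %3B and a literal ';' are treated alike.
        values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
        hit = any(SHELL_META.search(v) for v in values)
        findings.append({
            "ip": m["ip"], "time": m["ts"], "method": m["method"],
            "status": int(m["status"]), "photo": values,
            # Every hit deserves review: the endpoint is unauthenticated and
            # request bodies are not recorded in standard access logs.
            "severity": "high" if hit else "review",
        })
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f["severity"], f["ip"], f["method"], f["photo"])
```

Requests marked `review` carry no visible payload, so a POST to the endpoint still needs follow-up in WAF or application logs that record request bodies.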
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected software with an alternative product, as the project's code repository has been inactive for many years and no known mitigations or countermeasures have been published.
Since the vulnerability allows remote OS command injection without authentication, it is critical to restrict access to the vulnerable endpoint `/restructured/csv.php` by network-level controls such as firewalls or web application firewalls (WAFs).
Additionally, monitoring and blocking suspicious inputs to the `photo` argument can help reduce risk until the software is replaced.