
Ask HN: Someone Is Phishing for PHPUnit in Sites - dzink
Someone keeps phishing for phpunit presence on sites by doing post and get requests for wordpress, laravel, and other typical php project paths, including a CloudFlare plugin. This is the path they are asking for from our logs:<p>“vendor&#x2F;phpunit&#x2F;phpunit&#x2F;src&#x2F;Util&#x2F;PHP&#x2F;eval-stdin.php&quot;<p>Is there a vulnerability people need to watch out for?
======
dylz
[https://www.cvedetails.com/cve/CVE-2017-9841/](https://www.cvedetails.com/cve/CVE-2017-9841/)
probably.

