Backdoor:PHP/Remoteshell.V

[dyrathror]

Hi,
my Windows 10 security system alarmed about a PHP backdoor in one of the files from your archive.

Detected: Backdoor:PHP/Remoteshell.V
Details: This program provides remote access to the computer it is installed on.
Affected items:
file: C:\work\Source\advisory-database\advisories\github-reviewed\2022\02\GHSA-673j-qm5f-xpv8\GHSA-673j-qm5f-xpv8.json

After restoring the file and having a look at it, it doesn't look much of a threat to me but then again I didn't analyze the embedded links. Perhaps you want to have a look at it ?!?

best regards,
D.

[darakian]

Hey @dyrathror, I would guess that's a false positive. Is the scanner alerting on a local copy of the json file? If you can you post the contents of that file if they differ from what we have in the repo?

[dyrathror]

Hi @darakian ,
here it is. The Windows Defender jumped at me again when I tried to zip the file so I renamed it to .txt.

GHSA-673j-qm5f-xpv8.txt

[darakian]

Yep that's identical. I would guess it's a windows defender issue. Not sure where to report that bug to though 😞