Skip to content

Security issues with using PHPs escapeshellarg

Author

Eldar Marcussen

Published

13 November 2013

Using user supplied data on the command line is traditionally a security disaster waiting to happen.

Using user supplied data on the command line is traditionally a security disaster waiting to happen. In an infinite universe there are however times when you might need to do just that. You will be glad to know that PHP provides two functions to aid you with security in those situations:escapeshellcmd and escapeshellarg.

Read the full post and explore our Technical Blog here.

Related stories

Showing 340 results

Aeroplanes fly above an aircraft carrier

08 September 2025 INSIGHT

Integration and interoperability: following the ‘I’-line for asset management investments in defence

Campbell Harte, Head of Business Development and Sales at Eurostep, sits down with Luigi Sidoli, Head of Digital Management at Digital Intelligence, to analyse the results of recent research into the digital management of defence assets .

20 August 2025 INSIGHT

Building accountability in cyberspace: What can we learn from Defence?

The Defence sector has a role to play in helping to shape responsible practices and behaviours within Cyber

Representation of an underwater battle scenario

29 July 2025 INSIGHT

Whitepaper: Exploiting the underwater battlespace

With the subsea domain quickly emerging as a new arena of strategic conflict and competition, how can we engineer the underwater battlespace to our advantage?

Composite image featuring a soldier and a rocket launcher

24 July 2025 INSIGHT

Cyber and Electromagnetic competition: A brave new world

British Army veteran Si Timewell discusses the need for a software-defined approach to CyberEM amidst a dynamic battlespace where threats can come from anywhere.

Abstract image of a girl looking at a satellite in space

15 July 2025 INSIGHT

Giving secondary school students a taste of space

As a Space team, one of our core areas of focus is working with schools and educational organisations to encourage the next generation of talent to consider careers in STEM and space.

09 July 2025 INSIGHT

Leveraging AI for national advantage

The ongoing AI revolution is offering many opportunities, but at what cost? Organisations and nations must figure out how to balance the risk to reap the rewards

Exploiting the underwater battlespace: Part 3

02 July 2025 INSIGHT

Exploiting the underwater battlespace: Part 3 – full steam ahead

In the final blog of our series looking at the modern underwater battlespace, we discuss the next steps to building a stable and secure subsea environment

Composite image featuring fighter jets, drones and rocket launcher on a topographic map

19 June 2025 INSIGHT

The value of autonomous ISR

Building greater autonomy into Intelligence, Surveillance and Reconnaissance (ISR) has the potential to transform military and civil operations.

05 June 2025 INSIGHT

Do you trust your MSS provider to defend your digital secrets?

Outsourcing is one of the most well-established business models in IT, but choosing to rely on a Managed Security Service comes with some important considerations.

Get in touch

Eldar Marcussen

Cyber Security Consultant