Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/XdsPJ
function name: (null)
number of ops: 39
compiled vars: !0 = $html, !1 = $doc, !2 = $xpath, !3 = $impact_node, !4 = $severity_node
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
3 0 E > ASSIGN !0, '%3Cul%3E%0A%3Cli%3E%3Cstrong%3EProject%3A%3C%2Fstrong%3E+Joomla%21%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESubProject%3A%3C%2Fstrong%3E+CMS%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EImpact%3A%3C%2Fstrong%3E+Low%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESeverity%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-info%22%3ELow%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EVersions%3A%3C%2Fstrong%3E+3.8.0+-+3.9.13%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EExploit+type%3A%3C%2Fstrong%3E+Path+Disclosure%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EReported+Date%3A%3C%2Fstrong%3E+2019-November-22%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EFixed+Date%3A%3C%2Fstrong%3E+2019-December-17%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ECVE+Number%3A%3C%2Fstrong%3E+%3Ca+href%3D%22https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2019-19845%22%3ECVE-2019-19845%3C%2Fa%3E%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Ch3%3EDescription%3C%2Fh3%3E%0A%3Cp%3EMissing+access+check+in+framework+files+could+lead+to+a+path+disclosure.%3C%2Fp%3E%0A%3Ch3%3EAffected+Installs%3C%2Fh3%3E%0A%3Cp%3EJoomla%21+CMS+versions+3.8.0+-+3.9.13%3C%2Fp%3E%0A%3Ch3%3ESolution%3C%2Fh3%3E%0A%3Cp%3EUpgrade+to+version+3.9.14%3C%2Fp%3E%0A%3Ch3%3EContact%3C%2Fh3%3E%0A%3Cp%3EThe+JSST+at+the+%3Ca+title%3D%22Contact+the+JSST%22+href%3D%22https%3A%2F%2Fdeveloper.joomla.org%2Fsecurity-centre.html%22%3EJoomla%21+Security+Centre%3C%2Fa%3E.%3C%2Fp%3E%0A%3Cdiv+class%3D%22alert+alert-info%22%3E%3Cstrong%3EReported+By%3A+%3C%2Fstrong%3ELee+Thao%2C+Viettel+Cyber+Security%3C%2Fdiv%3E%3Cdiv+class%3D%22feedflare%22%3E%0A%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Eff%2FJoomlaSecurityNews%3Fa%3D_fWsZ57Sw7g%3AuVTwWaDiNQ0%3AyIl2AUoC8zA%22%3E%3C%2Fa%3E%0A%3C%2Fdiv%3E'
26 1 NEW $6 'DOMDocument'
2 DO_FCALL 0
3 ASSIGN !1, $6
27 4 INIT_METHOD_CALL !1, 'loadHTML'
5 SEND_VAR_EX !0
6 DO_FCALL 0
28 7 NEW $10 'DOMXPath'
8 SEND_VAR_EX !1
9 DO_FCALL 0
10 ASSIGN !2, $10
29 11 INIT_METHOD_CALL !2, 'query'
12 SEND_VAL_EX '%2F%2Fli%5Bcontains%28string%28%29%2C+%22Impact%3A%22%29%5D'
13 DO_FCALL 0 $13
14 ASSIGN !3, $13
30 15 INIT_FCALL 'str_replace'
16 SEND_VAL 'Impact%3A+'
17 SEND_VAL ''
18 INIT_METHOD_CALL !3, 'item'
19 SEND_VAL_EX 0
20 DO_FCALL 0 $15
21 FETCH_OBJ_R ~16 $15, 'textContent'
22 SEND_VAL ~16
23 DO_ICALL $17
24 CONCAT ~18 'Impact%3A+', $17
25 ECHO ~18
31 26 ECHO '%0A'
32 27 INIT_METHOD_CALL !2, 'query'
28 SEND_VAL_EX '%2F%2Fli%5Bcontains%28string%28%29%2C+%22Severity%3A%22%29%5D%2Fspan%5Bcontains%28%40class%2C+%22label-info%22%29%5D'
29 DO_FCALL 0 $19
30 ASSIGN !4, $19
33 31 INIT_METHOD_CALL !4, 'item'
32 SEND_VAL_EX 0
33 DO_FCALL 0 $21
34 FETCH_OBJ_R ~22 $21, 'textContent'
35 CONCAT ~23 'Severity%3A+', ~22
36 CONCAT ~24 ~23, '%0A'
37 ECHO ~24
38 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0