The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.Referenceshttp://marc.info/?l=bugtraq&m=111835539312985&w=2http://marc.info/?l=bugtraq&m=111868460811287&w=2http://e107plugins.co.uk/news.phphttp://secunia.com/advisories/15678
