Composer · packagist.org
mpl/matomo
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged 5.11.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · PortlandLabs-mpl-matomo-3ab89b7/core/Common.php |
| high | Php Backtick With Decode | Backtick shell-out combined with base64/hex decode. · PortlandLabs-mpl-matomo-3ab89b7/core/Common.php |
| medium | Remote Payload | matched "curl " · PortlandLabs-mpl-matomo-3ab89b7/core/CliMulti/Process.php |
| medium | Remote Payload | matched "curl " · PortlandLabs-mpl-matomo-3ab89b7/core/CronArchive.php |
| medium | Remote Payload | matched "CURL " · PortlandLabs-mpl-matomo-3ab89b7/core/Http.php |
| medium | Remote Payload | matched "curl " · PortlandLabs-mpl-matomo-3ab89b7/core/testMinimumPhpVersion.php |
| medium | Remote Payload | matched "raw.githubusercontent.com" · PortlandLabs-mpl-matomo-3ab89b7/plugins/CoreAdminHome/Tasks.php |
| medium | Remote Payload | matched "github.com/yui/yuicompressor/releases/download" · PortlandLabs-mpl-matomo-3ab89b7/plugins/CoreConsole/Commands/BuildTracker.php |
| medium | Remote Payload | matched "Curl " · PortlandLabs-mpl-matomo-3ab89b7/plugins/Diagnostics/Diagnostic/PhpInformational.php |
| medium | Remote Payload | matched "cUrl " · PortlandLabs-mpl-matomo-3ab89b7/plugins/GeoIp2/GeoIP2AutoUpdater.php |
| medium | Remote Payload | matched "cUrl " · PortlandLabs-mpl-matomo-3ab89b7/plugins/GeoIp2/LocationProvider/GeoIp2/Php.php |
| medium | Remote Payload | matched "raw.githubusercontent.com" · PortlandLabs-mpl-matomo-3ab89b7/plugins/Intl/Commands/GenerateIntl.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 5.11.0 | High risk | 87 | 2026-06-09 |
| 5.10.1 | High risk | 87 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem composer mpl/matomo@5.11.0