Composer · packagist.org
phreesoft/bizuno
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged v7.4.3
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · phreesoft-bizuno-9f096d7/src/model/functions.php |
| high | Php Shell With Decode | exec / system / shell_exec combined with base64/hex decode. · phreesoft-bizuno-9f096d7/src/model/functions.php |
| medium | Remote Payload | matched "cURL " · phreesoft-bizuno-9f096d7/src/controllers/payment/gateways/payfabric/payfabric.php |
| medium | Remote Payload | matched "curl " · phreesoft-bizuno-9f096d7/src/portal/installCheck.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v7.4.3 | High risk | 72 | 2026-06-05 |
v7.4.2 | High risk | 97 | 2026-05-30 |
v7.4.0 | High risk | 97 | 2026-05-30 |
Related campaigns
- PhreeSoft — 2 releases, max score 97
Block this in CI
pkgradar gate --ecosystem composer phreesoft/[email protected]