According to the source below PHP needs an urgent update, current version that is installed during perfect server install on Ubuntu 18.04 is 7.2.19 https://www.cisecurity.org/advisory...-allow-for-arbitrary-code-execution_2019-087/ SYSTEMS AFFECTED: PHP 7.1 versions prior to 7.1.32 PHP 7.2 versions prior to 7.2.22 PHP 7.3 versions prior to 7.3.9
Not directly related to ISPConfig as the PHP on your server is not from ISPConfig. Install updates of your operating system as usual and ensure that your operating system version is within the supported version range of the Linux distribution so that you get still updates. And be aware that Linux distributions patch security issues in programs without setting a higher version number of the application, so you can't see from the version number of e.g. php --version if your php is vulnerable or not, you have to look at the php distribution pages and package trackers of the distributor to see if the currently installed package version is patched or not. Ubuntu 18.04 is still fully supported by canonical, so all you have to do is to install updates regularly with apt-get update apt-get upgrade that's all. I moved your post to the general forum as it's not ispconfig development related.
You do not bother to mention which version of Ubuntu you have. You can see which security updates have been applied to current Ubuntu PHP 7.2 package from here: http://changelogs.ubuntu.com/changelogs/pool/main/p/php7.2/php7.2_7.2.19-0ubuntu0.18.04.2/changelog