CVE-2012-6046
Published 2012-11-27
Priority P356 · critical · 10 (CVSS 2.0)
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 4.13% (89.6th percentile)
Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.
Detection & IOCs
- Monitor POST requests to admin/banners.php containing a 'code' parameter with PHP code patterns (e.g., <?php), as this is the injection vector used to write arbitrary PHP into horad.php.
- Monitor for unexpected modifications to horad.php on the filesystem, as successful exploitation results in attacker-controlled PHP code being written to that file.
- Affected version is PHP Enter 4.1.2; other versions may also be vulnerable. Confirm installed version when triaging.
- The vulnerability requires access to the admin panel (admin/banners.php), so exploitation presupposes authenticated or otherwise accessible admin credentials.
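The first check in the list above, as an added example (not taken from any of the referenced sources): it flags POST requests to admin/banners.php whose URL-decoded 'code' field contains a PHP opening tag. The tab-separated METHOD, URL, BODY record layout and the sample lines are constructed assumptions; adapt the parsing to whatever your WAF or audit log actually records for request bodies.

```python
import re
from urllib.parse import parse_qs, urlsplit

# PHP opening tags: <?php, <?= and the short form <? (but not <?xml).
PHP_TAG = re.compile(r"<\?(?:php|=|(?!xml))", re.IGNORECASE)
TARGET = "/admin/banners.php"


def is_suspicious(method, url, body):
    """True for a POST to admin/banners.php whose 'code' field holds a PHP tag."""
    if method.upper() != "POST":
        return False
    # Normalise repeated slashes and case so trivial path variants still match.
    path = re.sub(r"/+", "/", urlsplit(url).path).lower()
    if not path.endswith(TARGET):
        return False
    # parse_qs URL-decodes values, so %3C%3Fphp is seen as <?php.
    fields = parse_qs(body, keep_blank_values=True)
    return any(PHP_TAG.search(value) for value in fields.get("code", []))


def scan(lines):
    """Return 1-based line numbers of suspicious records (assumed layout: METHOD<TAB>URL<TAB>BODY)."""
    hits = []
    for number, line in enumerate(lines, 1):
        parts = line.rstrip("\n").split("\t")
        if len(parts) == 3 and is_suspicious(*parts):
            hits.append(number)
    return hits


# Constructed sample records, not real traffic.
SAMPLE = [
    "GET\t/admin/banners.php\t",
    "POST\t/admin/banners.php\tcode=%3Ca+href%3D%22%2Fpromo%22%3EPromo%3C%2Fa%3E",
    "POST\t/admin/banners.php\tcode=%3C%3Fphp+echo+1%3B+%3F%3E",
    "POST\t/site//admin/Banners.php?x=1\tname=b&code=%3C%3F%3D+1+%3F%3E",
    "POST\t/admin/login.php\tcode=%3C%3Fphp",
]

if __name__ == "__main__":
    for number in scan(SAMPLE):
        print(f"line {number}: PHP tag in 'code' parameter posted to admin/banners.php")
```

A hit is a triage lead rather than proof of compromise; pair it with the horad.php modification check from the second item.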
- http://packetstormsecurity.org/files/112536/PHP-Enter-Code-Injection.html
- http://www.securityfocus.com/bid/53426
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75464