CVE-2012-6046
published 2012-11-27

Priority: P3 56 · critical · 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 4.13% (89.6th percentile)
Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.

Detection & IOCs (extracted from sources)

path: admin/banners.php
  • Monitor POST requests to admin/banners.php containing a 'code' parameter with PHP code patterns (e.g., <?php), as this is the injection vector used to write arbitrary PHP into horad.php.
  • Monitor for unexpected modifications to horad.php on the filesystem, as successful exploitation results in attacker-controlled PHP code being written to that file.
  • Affected version is PHP Enter 4.1.2; other versions may also be vulnerable. Confirm installed version when triaging.
  • The vulnerability requires access to the admin panel (admin/banners.php), so exploitation presupposes authenticated or otherwise accessible admin credentials.
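
One way to implement the first two checks above, as an added example (not part of the CVE record or of PHP Enter). It assumes request bodies are captured as form-encoded strings, for example by a WAF or reverse proxy, and that a known-good SHA-256 of horad.php was recorded earlier; the function names and sample records are constructed for illustration.

```python
import hashlib
import re
from urllib.parse import parse_qs, unquote_plus

TARGET_PATH = "admin/banners.php"  # path named in the advisory
PARAM = "code"                     # parameter named in the advisory
# PHP open tags: <?php, <?= and bare <? (short_open_tag); <?xml is not matched.
PHP_TAG = re.compile(r"<\?(php|=|\s|$)", re.I)

# Constructed sample records: (method, path, raw form-encoded body).
SAMPLE_REQUESTS = [
    ("POST", "/admin/banners.php", "title=Sale&code=%3Ca+href%3D%22%2Fsale%22%3ESale%3C%2Fa%3E"),
    ("POST", "/admin/banners.php", "code=%3C%3Fphp+echo+1%3B+%3F%3E"),
    ("POST", "/admin/banners.php?id=3", "code=%253C%253Fphp+echo+1%253B"),
    ("GET", "/admin/banners.php", ""),
    ("POST", "/index.php", "code=%3C%3Fphp"),
]


def code_param_has_php(method, path, body):
    """True if a POST to admin/banners.php carries a PHP open tag in 'code'."""
    if method.upper() != "POST":
        return False
    if not path.split("?", 1)[0].lower().endswith(TARGET_PATH):
        return False
    for value in parse_qs(body, keep_blank_values=True).get(PARAM, []):
        # parse_qs decodes once; decode again to catch double-encoded tags.
        if PHP_TAG.search(value) or PHP_TAG.search(unquote_plus(value)):
            return True
    return False


def flag_requests(records):
    """Return the indexes of records that match the injection pattern."""
    return [i for i, (m, p, b) in enumerate(records) if code_param_has_php(m, p, b)]


def file_changed(path, baseline_sha256):
    """True if the file's current SHA-256 differs from the recorded baseline."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest() != baseline_sha256


if __name__ == "__main__":
    print("suspicious request indexes:", flag_requests(SAMPLE_REQUESTS))
```

Most web servers do not log POST bodies by default, so the request check only works where body capture is enabled; the hash comparison on horad.php works regardless.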