Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-6175 — Code Injection in Php-gettext

CWE-94 — Code Injection8 documents6 sources

Severity

9.8CRITICALNVD

EPSS

10.9%

top 6.57%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Php-gettext Project Php-gettext Debian Php-gettext

Timeline

PublishedFeb 7

Latest updateMay 17

Description

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/php-gettext< php-gettext 1.0.12-1 (bookworm)

▶Debianphp-gettext_project/php-gettext< 1.0.12-1+1

▶NVDphp-gettext_project/php-gettext1.0.12

🔴Vulnerability Details

GHSA

GHSA-6f39-vhv8-5hcw: Eval injection vulnerability in php-gettext 1↗2022-05-17

▶

OSV

CVE-2016-6175: Eval injection vulnerability in php-gettext 1↗2017-02-07

▶

💥Exploits & PoCs

Exploit-DB

PHP gettext 1.0.12 - 'gettext.php' Code Execution↗2016-07-25

▶

📋Vendor Advisories

Debian

CVE-2016-6175: php-gettext - Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote att...↗2016

▶

💬Community

Bugzilla

CVE-2016-6175 php-php-gettext: $string variable not sufficiently sanitized↗2017-01-19

▶

Bugzilla

CVE-2016-6175 php-php-gettext: $string variable not sufficiently sanitized [fedora-all]↗2017-01-19

▶

Bugzilla

CVE-2016-6175 php-php-gettext: $string variable not sufficiently sanitized [epel-all]↗2017-01-19

▶