Lucene search
MitreCVELIST:CVE-2012-5223HistoryOct 01, 2012 - 8:00 p.m.
CVE-2012-5223
2012-10-0120:00:00
mitre
www.cve.org
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via “complex curly syntax” in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch.
Related
cve
cve
CVE-2012-5223
2012-10-01 20:55:03
dsquare
dsquare
vBSEO 3.6.0 RCE
2012-01-31 00:00:00
checkpoint_advisories
checkpoint_advisories
vBSEO Remote PHP Code Injection (CVE-2012-5223)
2013-06-06 00:00:00
prion
prion
Code injection
2012-10-01 20:55:00
openvas
openvas
vBSEO 'proc_deutf()' Remote Code Execution Vulnerability
2012-01-31 00:00:00
vBSEO 'proc_deutf()' RCE Vulnerability
2012-01-31 00:00:00
nvd
nvd
CVE-2012-5223
2012-10-01 20:55:03