Lucene search
PRIOn knowledge basePRION:CVE-2012-5223HistoryOct 01, 2012 - 8:55 p.m.
Code injection
2012-10-0120:55:00
PRIOn knowledge base
www.prio-n.com
1
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via “complex curly syntax” in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch.
Related
cvelist
cvelist
CVE-2012-5223
2012-10-01 20:00:00
nvd
nvd
CVE-2012-5223
2012-10-01 20:55:03
openvas
openvas
vBSEO 'proc_deutf()' Remote Code Execution Vulnerability
2012-01-31 00:00:00
vBSEO 'proc_deutf()' RCE Vulnerability
2012-01-31 00:00:00
cve
cve
CVE-2012-5223
2012-10-01 20:55:03
dsquare
dsquare
vBSEO 3.6.0 RCE
2012-01-31 00:00:00
checkpoint_advisories
checkpoint_advisories
vBSEO Remote PHP Code Injection (CVE-2012-5223)
2013-06-06 00:00:00