CyberSec.Space Logo
Back to CVE Browser

CVE-2012-6046

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile18.39th
PublishedNov 27, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.

Affected Platforms (CPE)

πŸ“¦
Phpenter

Php Enter

All versions

References & Advisories

πŸ”— http://packetstormsecurity.org/files/112536/PHP-Enter-Code-Injection.html
πŸ”— http://www.securityfocus.com/bid/53426
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/75464
πŸ”— http://packetstormsecurity.org/files/112536/PHP-Enter-Code-Injection.html
πŸ”— http://www.securityfocus.com/bid/53426
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/75464

Related Vulnerabilities

CVE-2021-403739.8

playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the #tabs-information-page of core_main_config, and t...

CVE-2017-111679.8

FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code af...

CVE-2018-10006419.8

YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i...

CVE-2018-205998.8

UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.