CVE-2012-1823CISA KEV: Actively Exploited

PHP-CGI Query String Parameter Vulnerability

Published Mar 25, 2022·Updated Mar 25, 2022

Description

sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

Public Exploits & PoCs12 found

PoC: CVE-2012-1823-exploit-for-https-user-password-web

CVE-2012-1823 exploit for https user password website.

1

PoC: oscp_scripts-1

First script, pgp-cgi-cve-2012-1823 BASH script

1

[POC] GHSA-2j8v-hwgc-x698 — CVE-2012-1823

CVE-2012-1823 - PHP CGI Argument Injection Remote Code Execution (RCE)

PoC: Vulnerable-Lab-Exploitation

A hands-on project demonstrating the setup of virtual security lab, network reconnaissance, and exploitation of CVE-2012-1823.

PoC: Open-Worldwide-Application-Security-Project-OWASP-

Automated Web Vulnerability Assessment of DVWA using OWASP ZAP to identify and analyze critical security flaws like Remote Code Execution (CVE-2012-1823).

PoC: PHP-CGI-Argument-Injection-Exploit

Ushbu videoda Kali Linux orqali Metasploitable 2 serveriga PHP CGI Argument Injection (CVE-2012-1823) ekspluatatsiyasi Metasploit yordamida amalga oshiriladi

PoC: CVE-2012-1823-exploit-for-https-user-password-web

CVE-2012-1823 exploit for https user password website.

PoC: CVE-2012-1823

Prova de conceito de php cgi argument injection

PoC: CVE-2012-1823

Prova de conceito de PHP CGI Argument Injection.

PoC: CVE-2012-1823

Prova de conceito para PHP CGI Argument Injection (CVE-2012-1823)

PoC: CVE-2012-1823

PHP CGI Argument Injection.

PoC: CVE-2012-1823

PHP CGI Argument Injection RCE

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free