NVD

Id
43028  
Name
CVE-2012-0993  
Description
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-02-21  
Modified Date
2012-02-21  
Seq
2012-0993  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
216562 43028 CVE-2012-0993 20120208 Multiple vulnerabilities in ZENphoto  View
216563 43028 CVE-2012-0993 51916  View
216564 43028 CVE-2012-0993 http://www.zenphoto.org/news/zenphoto-1.4.2.1  View
216565 43028 CVE-2012-0993 http://www.zenphoto.org/trac/changeset/8994  View
216566 43028 CVE-2012-0993 http://www.zenphoto.org/trac/changeset/8995  View
216567 43028 CVE-2012-0993 zenphoto-viewersizeimage-code-execution(73081)  View
216568 43028 CVE-2012-0993 https://www.htbridge.ch/advisory/HTB23070  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25827 JVNDB-2012-001534 Zenphoto の viewer_size_image.php における任意の PHP コードを実行される脆弱性 Zenphoto の zp-core/zp-extensions/viewer_size_image.php は、viewer_size_image プラグインが有効の際、任意の PHP コードを実行される脆弱性が存在します。 CVE-2012-0993 54231 CVE-2012-0993 43028 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001534.html 2012-02-21 2012-02-22 View