Lucene search
PRIOn knowledge basePRION:CVE-2012-0993HistoryFeb 21, 2012 - 1:31 p.m.
Sql injection
2012-02-2113:31:00
PRIOn knowledge base
www.prio-n.com
3
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.
References
archives.neohapsis.com/archives/bugtraq/2012-02/0037.html
secunia.com/advisories/47875
www.securityfocus.com/bid/51916
www.zenphoto.org/news/zenphoto-1.4.2.1
www.zenphoto.org/trac/changeset/8994
www.zenphoto.org/trac/changeset/8995
exchange.xforce.ibmcloud.com/vulnerabilities/73081
www.htbridge.ch/advisory/HTB23070
Related
dsquare
dsquare
Zenphoto 1.4.2 RCE
2012-03-31 00:00:00
nessus
nessus
Zenphoto viewer_size_image_saved Cookie Value eval() Call Remote PHP Code Execution
2012-03-23 00:00:00
Zenphoto < 1.4.2.1 Multiple Vulnerabilities
2012-03-23 00:00:00
cve
cve
CVE-2012-0993
2012-02-21 13:31:45
cvelist
cvelist
CVE-2012-0993
2012-02-21 00:00:00
nvd
nvd
CVE-2012-0993
2012-02-21 13:31:45
openvas
openvas
Zenphoto <= 1.4.2 Multiple Vulnerabilities - Active Check
2012-02-09 00:00:00
Zenphoto Multiple Security Vulnerabilities
2012-02-09 00:00:00
packetstorm
packetstorm
ZENphoto 1.4.2 Code Execution / XSS / SQL Injection
2012-02-08 00:00:00
htbridge
htbridge
Multiple vulnerabilities in ZENphoto
2012-01-18 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in ZENphoto
2012-02-13 00:00:00