CVE-2012-0993 in ZenPhotoinfo

Summary

Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

02/02/2012

Disclosure

02/21/2012

Moderation

VulDB entry created

Entries

VDB-60267 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.01699

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-0993
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0993
CVE Details	https://www.cvedetails.com/cve/CVE-2012-0993/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!