Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2012-1823

PHP | PHPAdded 2022-03-25Remediation Deadline 2022-04-15

PHP-CGI Query String Parameter Vulnerability

sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-20

References