PHP-CGI Installations Vulnerability (CVE-2012-1823) Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

PHP-CGI Installations Vulnerability (CVE-2012-1823) Scanner Detail

CVE-2012-1823 vulnerable PHP-CGI installations are identified.

Detects PHP-CGI installations that are vulnerable to CVE-2012-1823, This critical vulnerability allows attackers to retrieve source code and execute code remotely.

The script works by appending "?-s" to the uri to make vulnerable php-cgi handlers return colour syntax highlighted source. We use the pattern "<?" to detect vulnerable installations.

Some Advice for Common Problems

The vendor's original advisory is available at:

  • http://www.php.net/archive/2012.php#id2012-05-03-1

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service