[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-8706":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":54,"name":55,"published":56,"updated":34},8706,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":46,"epss_percentile":47,"cve":48,"in_cisa_catalog":53,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"When PHP is used in a CGI-based setup (such as Apaches mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -s, -d or -c to be passed to the php-cgi binary, which can be exploited to disclose source code and obtain arbitrary code execution. An example of the -s command, allowing an attacker to view the source code of index.php is below: http://example.com/index.php?-s Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected computer. Other attacks are also possible.","PHP is prone to multiple vulnerabilities.","PHP: Update to version 5.3.13, 5.4.3 or later - Other products / applications: Please contact the vendor for a solution",[39,40,41,42,43,44,45],"https://web.archive.org/web/20190212080415/http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/","https://www.kb.cert.org/vuls/id/520827","https://bugs.php.net/bug.php?id=61910","https://www.php.net/manual/en/security.cgi-bin.php","https://web.archive.org/web/20210121223743/http://www.securityfocus.com/bid/53388","https://web.archive.org/web/20120709064615/http://www.h-online.com/open/news/item/Critical-open-hole-in-PHP-creates-risks-Update-2-1567532.html","https://www.cisa.gov/known-exploited-vulnerabilities-catalog",0.94386,0.99971,[49,50,51,52],"CVE-2012-1823","CVE-2012-2311","CVE-2012-2336","CVE-2012-2335",true,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.103482","PHP \u003C 5.3.13, 5.4.x \u003C 5.4.3 Multiple Vulnerabilities - Active Check","2018-01-02T00:00:00Z"]