CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5223

The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.773

EPSS Ranking 98.9%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2012-5223

Crawlability » Vbseo » Version: 2.0.0

cpe:2.3:a:crawlability:vbseo:2.0.0
Crawlability » Vbseo » Version: 2.1.0

cpe:2.3:a:crawlability:vbseo:2.1.0
Crawlability » Vbseo » Version: 2.1.1

cpe:2.3:a:crawlability:vbseo:2.1.1
Crawlability » Vbseo » Version: 2.2.0

cpe:2.3:a:crawlability:vbseo:2.2.0
Crawlability » Vbseo » Version: 2.3.0

cpe:2.3:a:crawlability:vbseo:2.3.0
Crawlability » Vbseo » Version: 2.4.0

cpe:2.3:a:crawlability:vbseo:2.4.0
Crawlability » Vbseo » Version: 2.4.5

cpe:2.3:a:crawlability:vbseo:2.4.5
Crawlability » Vbseo » Version: 3.0.0

cpe:2.3:a:crawlability:vbseo:3.0.0
Crawlability » Vbseo » Version: 3.1.0

cpe:2.3:a:crawlability:vbseo:3.1.0
Crawlability » Vbseo » Version: 3.2.0

cpe:2.3:a:crawlability:vbseo:3.2.0
Crawlability » Vbseo » Version: 3.3.0

cpe:2.3:a:crawlability:vbseo:3.3.0
Crawlability » Vbseo » Version: 3.3.1

cpe:2.3:a:crawlability:vbseo:3.3.1
Crawlability » Vbseo » Version: 3.5.0

cpe:2.3:a:crawlability:vbseo:3.5.0
Crawlability » Vbseo » Version: 3.5.1

cpe:2.3:a:crawlability:vbseo:3.5.1
Crawlability » Vbseo » Version: 3.5.2

cpe:2.3:a:crawlability:vbseo:3.5.2
Crawlability » Vbseo » Version: 3.6.0

cpe:2.3:a:crawlability:vbseo:3.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5223

Products

Pricing

Contact Us