VYPR
Unrated severityNVD Advisory· Published Feb 10, 2012· Updated Jun 16, 2026

CVE-2012-0831

CVE-2012-0831

Description

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PHP/PHP2 versions
    cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.3.10
    • (no CPE)range: <5.3.10

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.