VYPR
Unrated severityNVD Advisory· Published May 11, 2012· Updated Jun 16, 2026

CVE-2012-2335

CVE-2012-2335

Description

php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.