CVE-2012-5159
60Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 75%
from disclosure to weapon15 days
Published on NVDSep 25
1st PoC+15d
metasploitSep 25
exploitation probability
75%top 1% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/21834unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.