CVE-2012-2311

This exploit leverages PHP CGI argument injection (CVE-2012-1823) by sending a crafted HTTP POST request with malicious query string parameters to enable remote code execution via PHP directives. The payload prepends arbitrary PHP code (phpinfo() in this case) to the executed script.

This Metasploit module exploits CVE-2012-1823, a PHP CGI argument injection vulnerability, by leveraging the -d flag to manipulate php.ini directives and achieve remote code execution. It sends a crafted POST request with malicious PHP code in the body, which is executed due to the misconfigured directives.

This Python script exploits CVE-2012-2311, a remote code execution vulnerability in PHP CGI configurations. It crafts a malicious HTTP POST request to trigger command execution via PHP's CGI mode, supporting both direct command execution and reverse shell payloads.

This exploit targets a vulnerability in PHP CGI (CVE-2012-2311) by bypassing security checks via the -d flag to execute arbitrary PHP code. It sends a crafted POST request to the PHP CGI binary, allowing remote code execution through a reverse shell payload.