CVE-2012-6046
PHP Enter - Remote Code Injection via admin/banners.php code Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-6046. PoCs published by L3b-r1'z.
AI-analyzed exploit summary This is a writeup describing a remote PHP code-injection vulnerability in PHP Enter 4.1.2. It includes a basic HTML form to demonstrate the vulnerability but lacks actual exploit code.
Description
Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by L3b-r1'z · htmlwebappsphp
https://www.exploit-db.com/exploits/37140
This is a writeup describing a remote PHP code-injection vulnerability in PHP Enter 4.1.2. It includes a basic HTML form to demonstrate the vulnerability but lacks actual exploit code.
Classification
Writeup 80%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target:
PHP Enter 4.1.2
Auth required
Prerequisites:
Access to the admin panel · Valid credentials
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75464
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53426
Exploit x_refsource_misc
http://packetstormsecurity.org/files/112536/PHP-Enter-Code-Injection.html
Scores
EPSS
0.0413
EPSS Percentile
89.5%
Details
CWE
CWE-94
Status
published
Products (1)
phpenter/php_enter
Published
Nov 27, 2012
Tracked Since
Feb 18, 2026