The widely used PHP programming language has been discovered with a new remote code execution vulnerability deemed critical severity.
Further, this vulnerability is related to a previously discovered and patched vulnerability, CVE-2012-1823, associated with arbitrary code execution.
However, PHP has patched this vulnerability as of June 6, 2024, and necessary security advisories have been released. This vulnerability affects multiple versions of PHP, including end-of-life versions such as PHP 5, PHP 7, and PHP 8.0.
https://cybersecuritynews.com/critical- ... erability/