Lucene search

[email protected]CVE-2012-1625

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-1625

2022-10-0316:15:26

CWE-94

[email protected]

web.nvd.nist.gov

cve-2012-1625

eval injection

fill pdf module

drupal

remote authenticated users

php code

nvd

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.2%

JSON

Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with administer PDFs privileges to execute arbitrary PHP code via unspecified vectors. NOTE: Some of these details are obtained from third party information.

Affected configurations

NVD

Node

wizonesolutionsfillpdfMatch6.x-1.0

wizonesolutionsfillpdfMatch6.x-1.1

wizonesolutionsfillpdfMatch6.x-1.2

wizonesolutionsfillpdfMatch6.x-1.3

wizonesolutionsfillpdfMatch6.x-1.4

wizonesolutionsfillpdfMatch6.x-1.5

wizonesolutionsfillpdfMatch6.x-1.6

wizonesolutionsfillpdfMatch6.x-1.7

wizonesolutionsfillpdfMatch6.x-1.8

wizonesolutionsfillpdfMatch6.x-1.9

wizonesolutionsfillpdfMatch6.x-1.10

wizonesolutionsfillpdfMatch6.x-1.11

wizonesolutionsfillpdfMatch6.x-1.12

wizonesolutionsfillpdfMatch6.x-1.13

wizonesolutionsfillpdfMatch6.x-1.14

wizonesolutionsfillpdfMatch6.x-1.15

wizonesolutionsfillpdfMatch6.x-1.xdev

wizonesolutionsfillpdfMatch7.x-1.

wizonesolutionsfillpdfMatch7.x-1.0

wizonesolutionsfillpdfMatch7.x-1.0beta1

wizonesolutionsfillpdfMatch7.x-1.0beta2

wizonesolutionsfillpdfMatch7.x-1.1

wizonesolutionsfillpdfMatch7.x-1.xdev

AND

drupaldrupalMatch-

CPENameOperatorVersion
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.0
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.1
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.2
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.3
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.4
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.5
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.6
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.7
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.8
wizonesolutions:fillpdfwizonesolutions fillpdfeq6.x-1.9

CPE	Name	Operator	Version
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.0
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.1
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.2
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.3
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.4
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.5
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.6
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.7
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.8
wizonesolutions:fillpdf	wizonesolutions fillpdf	eq	6.x-1.9

Rows per page:

1-10 of 211

References

drupal.org/node/1394428

osvdb.org/78182

secunia.com/advisories/47418

www.openwall.com/lists/oss-security/2012/04/07/1

www.securityfocus.com/bid/51288

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for CVE-2012-1625

prion2 nvd2 cvelist2 drupal1 cve1