Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-1641
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-1641

2022-10-0316:15:26
CWE-264
[email protected]
web.nvd.nist.gov
19
cve-2012-1641
drupal
security vulnerability
remote code execution
admin permission

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

JSON

The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission to execute arbitrary PHP code via admin/build/finder/import.

Affected configurations

NVD
Node
danielbfinderMatch6.x-1.0
OR
danielbfinderMatch6.x-1.0alpha1
OR
danielbfinderMatch6.x-1.0alpha10
OR
danielbfinderMatch6.x-1.0alpha11
OR
danielbfinderMatch6.x-1.0alpha12
OR
danielbfinderMatch6.x-1.0alpha13
OR
danielbfinderMatch6.x-1.0alpha14
OR
danielbfinderMatch6.x-1.0alpha15
OR
danielbfinderMatch6.x-1.0alpha16
OR
danielbfinderMatch6.x-1.0alpha17
OR
danielbfinderMatch6.x-1.0alpha18
OR
danielbfinderMatch6.x-1.0alpha19
OR
danielbfinderMatch6.x-1.0alpha2
OR
danielbfinderMatch6.x-1.0alpha20
OR
danielbfinderMatch6.x-1.0alpha21
OR
danielbfinderMatch6.x-1.0alpha22
OR
danielbfinderMatch6.x-1.0alpha23
OR
danielbfinderMatch6.x-1.0alpha24
OR
danielbfinderMatch6.x-1.0alpha25
OR
danielbfinderMatch6.x-1.0alpha26
OR
danielbfinderMatch6.x-1.0alpha27
OR
danielbfinderMatch6.x-1.0alpha28
OR
danielbfinderMatch6.x-1.0alpha3
OR
danielbfinderMatch6.x-1.0alpha4
OR
danielbfinderMatch6.x-1.0alpha5
OR
danielbfinderMatch6.x-1.0alpha6
OR
danielbfinderMatch6.x-1.0alpha7
OR
danielbfinderMatch6.x-1.0alpha8
OR
danielbfinderMatch6.x-1.0alpha9
OR
danielbfinderMatch6.x-1.0beta1
OR
danielbfinderMatch6.x-1.0beta2
OR
danielbfinderMatch6.x-1.0beta3
OR
danielbfinderMatch6.x-1.0rc1
OR
danielbfinderMatch6.x-1.0rc2
OR
danielbfinderMatch6.x-1.0rc3
OR
danielbfinderMatch6.x-1.0rc4
OR
danielbfinderMatch6.x-1.0unstable0
OR
danielbfinderMatch6.x-1.0unstable1
OR
danielbfinderMatch6.x-1.0unstable2
OR
danielbfinderMatch6.x-1.0unstable3
OR
danielbfinderMatch6.x-1.0unstable4
OR
danielbfinderMatch6.x-1.0unstable5
OR
danielbfinderMatch6.x-1.0unstable6
OR
danielbfinderMatch6.x-1.0unstable7
OR
danielbfinderMatch6.x-1.1
OR
danielbfinderMatch6.x-1.2
OR
danielbfinderMatch6.x-1.3
OR
danielbfinderMatch6.x-1.4
OR
danielbfinderMatch6.x-1.5
OR
danielbfinderMatch6.x-1.6
OR
danielbfinderMatch6.x-1.7
OR
danielbfinderMatch6.x-1.8
OR
danielbfinderMatch6.x-1.9
OR
danielbfinderMatch6.x-1.10
OR
danielbfinderMatch6.x-1.11
OR
danielbfinderMatch6.x-1.12
OR
danielbfinderMatch6.x-1.13
OR
danielbfinderMatch6.x-1.14
OR
danielbfinderMatch6.x-1.15
OR
danielbfinderMatch6.x-1.16
OR
danielbfinderMatch6.x-1.17
OR
danielbfinderMatch6.x-1.18
OR
danielbfinderMatch6.x-1.19
OR
danielbfinderMatch6.x-1.20
OR
danielbfinderMatch6.x-1.21
OR
danielbfinderMatch6.x-1.23
OR
danielbfinderMatch6.x-1.24
OR
danielbfinderMatch6.x-1.x-dev
OR
danielbfinderMatch7.x-1.0
OR
danielbfinderMatch7.x-1.1
OR
danielbfinderMatch7.x-1.2
OR
danielbfinderMatch7.x-1.3
OR
danielbfinderMatch7.x-1.4
OR
danielbfinderMatch7.x-1.5
OR
danielbfinderMatch7.x-1.6
OR
danielbfinderMatch7.x-1.xdev
OR
danielbfinderMatch7.x-2.0alpha1
OR
danielbfinderMatch7.x-2.0alpha2
OR
danielbfinderMatch7.x-2.0alpha3
OR
danielbfinderMatch7.x-2.0alpha4
OR
danielbfinderMatch7.x-2.0alpha5
OR
danielbfinderMatch7.x-2.0alpha6
OR
danielbfinderMatch7.x-2.xdev
AND
drupaldrupalMatch-

Related

nvd 1
drupal 1
prion 1
cvelist 1
nvd
nvd
CVE-2012-1641
2012-08-28 17:55:03
drupal
drupal
SA-CONTRIB-2012-017 - Finder - Multiple vulnerabilities
2012-02-08 00:00:00
prion
prion
Design/Logic Flaw
2012-08-28 17:55:00
cvelist
cvelist
CVE-2012-1641
2022-10-03 16:15:26

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

JSON
Related for CVE-2012-1641
nvd1drupal1prion1cvelist1