Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-2306
cve-2012-2306
sql injection
drupal 6.x-4.2
addressbook module
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.7%
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Affected configurations
Node
willem_van_der_plaataddressbookRange≤6.x-4.2
drupaldrupalMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| drupal:drupal | drupal | eq | - |
Related
cvelist
cvelist
CVE-2012-2306
2022-10-03 16:15:36
nvd
nvd
CVE-2012-2306
2012-07-25 21:55:02
prion
prion
Sql injection
2012-07-25 21:55:00
drupal
drupal
SA-CONTRIB-2012-069 - Addressbook - Multiple vulnerabilities - Unsupported
2012-05-02 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.7%
Related for CVE-2012-2306