Lucene search
MitreCVE-2012-5304HistoryOct 06, 2012 - 10:55 p.m.
CVE-2012-5304
2012-10-0622:55:01
CWE-94
mitre
web.nvd.nist.gov
22
cve-2012-5304
static code injection
vulnerability
yvs image gallery
remote attackers
php code
administration security
installation documentation
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.003
Percentile
72.1%
Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/db_connect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product’s installation documentation.
Affected configurations
Node
yuriy_v_semenikhinyvs_image_galleryMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| yuriy_v_semenikhin | yvs_image_gallery | - | cpe:2.3:a:yuriy_v_semenikhin:yvs_image_gallery:-:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2012-10-06 22:55:00
nvd
nvd
CVE-2012-5304
2012-10-06 22:55:01
cvelist
cvelist
CVE-2012-5304
2012-10-06 22:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.003
Percentile
72.1%
Related for CVE-2012-5304