Lucene search

[email protected]CVE-2012-5328

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-5328

2022-10-0316:15:30

CWE-89

[email protected]

web.nvd.nist.gov

cve-2012-5328

sql injection

mingle forum plugin

wordpress

security vulnerability

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.5%

JSON

Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php.

Affected configurations

NVD

Node

cartpaujmingle-forumRange≤1.0.32.1

cartpaujmingle-forumMatch1.0.00

cartpaujmingle-forumMatch1.0.01

cartpaujmingle-forumMatch1.0.02

cartpaujmingle-forumMatch1.0.03

cartpaujmingle-forumMatch1.0.04

cartpaujmingle-forumMatch1.0.05

cartpaujmingle-forumMatch1.0.06

cartpaujmingle-forumMatch1.0.07

cartpaujmingle-forumMatch1.0.08

cartpaujmingle-forumMatch1.0.09

cartpaujmingle-forumMatch1.0.10

cartpaujmingle-forumMatch1.0.11

cartpaujmingle-forumMatch1.0.12

cartpaujmingle-forumMatch1.0.13

cartpaujmingle-forumMatch1.0.14

cartpaujmingle-forumMatch1.0.15

cartpaujmingle-forumMatch1.0.16

cartpaujmingle-forumMatch1.0.17

cartpaujmingle-forumMatch1.0.18

cartpaujmingle-forumMatch1.0.19

cartpaujmingle-forumMatch1.0.20

cartpaujmingle-forumMatch1.0.21

cartpaujmingle-forumMatch1.0.21.1

cartpaujmingle-forumMatch1.0.22

cartpaujmingle-forumMatch1.0.23

cartpaujmingle-forumMatch1.0.23.1

cartpaujmingle-forumMatch1.0.23.2

cartpaujmingle-forumMatch1.0.24

cartpaujmingle-forumMatch1.0.25

cartpaujmingle-forumMatch1.0.26

cartpaujmingle-forumMatch1.0.27

cartpaujmingle-forumMatch1.0.28

cartpaujmingle-forumMatch1.0.28.1

cartpaujmingle-forumMatch1.0.28.2

cartpaujmingle-forumMatch1.0.29

cartpaujmingle-forumMatch1.0.30

cartpaujmingle-forumMatch1.0.31

cartpaujmingle-forumMatch1.0.31.1

cartpaujmingle-forumMatch1.0.31.2

cartpaujmingle-forumMatch1.0.31.3

cartpaujmingle-forumMatch1.0.31.4

cartpaujmingle-forumMatch1.0.32

AND

wordpresswordpressMatch-

CPENameOperatorVersion
cartpauj:mingle-forumcartpauj mingle-forumle1.0.32.1
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.00
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.01
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.02
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.03
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.04
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.05
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.06
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.07
cartpauj:mingle-forumcartpauj mingle-forumeq1.0.08

CPE	Name	Operator	Version
cartpauj:mingle-forum	cartpauj mingle-forum	le	1.0.32.1
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.00
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.01
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.02
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.03
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.04
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.05
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.06
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.07
cartpauj:mingle-forum	cartpauj mingle-forum	eq	1.0.08