Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-6290
HistoryMar 11, 2014 - 7:37 p.m.

CVE-2012-6290

2014-03-1119:37:00
CWE-89
[email protected]
web.nvd.nist.gov
18
6
cve-2012-6290
sql injection
imagecms
remote authenticated
csrf
nvd

8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

50.2%

JSON

SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.

CPENameOperatorVersion
imagecms:imagecmsimagecmsle4.0.0

Social References

More

Related

packetstorm 1
seebug 2
htbridge 1
cvelist 2
securityvulns 2
prion 2
exploitpack 1
exploitdb 1
cve 1
packetstorm
packetstorm
ImageCMS 4.0.0b SQL Injection
2013-01-24 00:00:00
seebug
seebug
ImageCMS 4.0.0b Multiple Vulnerabilities
2014-07-01 00:00:00
ImageCMS SQL注入漏洞
2014-03-14 00:00:00
htbridge
htbridge
SQL Injection Vulnerability in ImageCMS
2012-12-05 00:00:00
cvelist
cvelist
CVE-2012-6290
2014-03-11 15:00:00
CVE-2013-7334
2022-10-03 16:14:53
securityvulns
securityvulns
SQL Injection Vulnerability in ImageCMS
2013-01-28 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-01-28 00:00:00
prion
prion
Sql injection
2014-03-11 19:37:00
Cross site request forgery (csrf)
2014-03-11 16:17:00
exploitpack
exploitpack
ImageCMS 4.0.0b - Multiple Vulnerabilities
2013-01-25 00:00:00
exploitdb
exploitdb
ImageCMS 4.0.0b - Multiple Vulnerabilities
2013-01-25 00:00:00
cve
cve
CVE-2013-7334
2014-03-11 16:17:00

8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

50.2%

JSON
Related for CVE-2012-6290
packetstorm1seebug2htbridge1cvelist2securityvulns2prion2exploitpack1exploitdb1cve1