Lucene search

[email protected]CVE-2012-6525

HistoryJan 31, 2013 - 5:44 a.m.

CVE-2012-6525

2013-01-3105:44:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2012-6525

sql injection

phpbridges

members.php

remote attackers

arbitrary sql commands

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected configurations

NVD

Node

phpbridges_dev_teamphpbridgesMatch-

CPENameOperatorVersion
phpbridges_dev_team:phpbridgesphpbridges dev team phpbridgeseq-

CPE	Name	Operator	Version
phpbridges_dev_team:phpbridges	phpbridges dev team phpbridges	eq	-

References

www.exploit-db.com/exploits/18384

www.osvdb.org/82526

www.securityfocus.com/bid/51552

exchange.xforce.ibmcloud.com/vulnerabilities/72451

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

Related for CVE-2012-6525

prion1 nvd1 cvelist1