Lucene search
HistoryAug 14, 2014 - 2:55 p.m.
CVE-2012-6654
sql injection
zpanel
remote attackers
arbitrary sql commands
index.php
10 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.7%
Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) resetkey or (2) inConfEmail parameter to index.php, a different vulnerability than CVE-2012-5685.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zpanelcp:zpanel | zpanelcp zpanel | le | 10.0.1 |
Related
cvelist
cvelist
CVE-2012-6654
2014-08-14 14:00:00
CVE-2012-5685
2014-08-14 14:00:00
prion
prion
Sql injection
2014-08-14 14:55:00
Sql injection
2014-08-14 14:55:00
cve
cve
CVE-2012-5685
2014-08-14 14:55:00
packetstorm
packetstorm
ZPanel 10.0.1 XSS / CSRF / SQL Injection
2012-11-05 00:00:00
seebug
seebug
ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset
2014-07-01 00:00:00
exploitpack
exploitpack
exploitdb
exploitdb
10 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
59.7%
Related for CVE-2012-6654