Lucene search

K

RedhatCVELIST:CVE-2012-2073

HistoryAug 14, 2012 - 11:00 p.m.

CVE-2012-2073

2012-08-1423:00:00

redhat

www.cve.org

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.7%

The Bundle copy module 7.x-1.x before 7.x-1.1 for Drupal does not check for the “use PHP for settings” permission while importing settings, which allows remote authenticated users with certain permissions to execute arbitrary PHP code via unspecified vectors.

References

drupal.org/node/1506166

drupal.org/node/1506420

drupalcode.org/project/bundle_copy.git/commit/299bdca

osvdb.org/80676

secunia.com/advisories/48626

www.openwall.com/lists/oss-security/2012/04/07/1

www.securityfocus.com/bid/52811

exchange.xforce.ibmcloud.com/vulnerabilities/74439

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.7%

Related for CVELIST:CVE-2012-2073

drupal1 cve1 prion1 nvd1