Lucene search

K
cvelistMitreCVELIST:CVE-2012-6290
HistoryMar 11, 2014 - 3:00 p.m.

CVE-2012-6290

2014-03-1115:00:00
mitre
www.cve.org

8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.5%

SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to execute arbitrary SQL commands.

8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.5%