NVD
- Id
- 44059
- Name
- CVE-2012-2239
- Description
- Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php.
- Reject
- CVSS Version
- 2
- CVSS Score
- 6.4
- Severity
- Medium
- CVSS Base Score
- 6.4
- CVSS Impact Subscore
- 4.9
- CVSS Exploit Subscore
- 10
- CVSS Vector
- (AV:N/AC:L/Au:N/C:P/I:P/A:N)
- Pub Date
- 2017-01-19
- Published
- 2012-11-24
- Modified Date
- 2013-02-07
- Seq
- 2012-2239