NVD

Id
46523  
Name
CVE-2012-5327  
Description
Multiple SQL injection vulnerabilities in fs-admin/fs-admin.php in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) delete_usrgrp[] parameter in a delete_usergroups action, (2) usergroup parameter in an add_user_togroup action, or (3) add_forum_group_id parameter in an add_forum_submit action.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-10-08  
Modified Date
2013-01-31  
Seq
2012-5327  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
233112 46523 CVE-2012-5327 http://packetstormsecurity.org/files/view/108915/wpmingleforum-sqlxss.txt  View
233113 46523 CVE-2012-5327 http://plugins.trac.wordpress.org/changeset?reponame=&new=492859@mingle-forum&old=487353@mingle-forum  View
233114 46523 CVE-2012-5327 http://wordpress.org/extend/plugins/mingle-forum/changelog/  View
233115 46523 CVE-2012-5327 mingleforum-admin-sql-injection(72641)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29127 JVNDB-2012-004834 WordPress 用 Mingle Forum プラグインの fs-admin/fs-admin.php における SQL インジェクションの脆弱性 WordPress 用 Mingle Forum プラグインの fs-admin/fs-admin.php には、SQL インジェクションの脆弱性が存在します。 CVE-2012-5327 58565 CVE-2012-5327 46523 6.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004834.html 2012-10-08 2012-10-11 View