Lucene search
MitreCVE-2012-5685HistoryAug 14, 2014 - 2:55 p.m.
CVE-2012-5685
2014-08-1414:55:05
CWE-89
mitre
web.nvd.nist.gov
23
sql injection
zpanel
security vulnerability
remote attackers
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9.8
Confidence
High
EPSS
0.004
Percentile
73.4%
SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmailAddress parameter in an UpdateClient action in the manage_clients module to the default URI.
Affected configurations
Node
zpanelcpzpanelRange≤10.0.1
Related
cvelist
cvelist
CVE-2012-5685
2014-08-14 14:00:00
CVE-2012-6654
2014-08-14 14:00:00
prion
prion
Sql injection
2014-08-14 14:55:00
Sql injection
2014-08-14 14:55:00
nvd
nvd
CVE-2012-5685
2014-08-14 14:55:05
CVE-2012-6654
2014-08-14 14:55:05
cve
cve
CVE-2012-6654
2014-08-14 14:55:05
exploitdb
exploitdb
packetstorm
packetstorm
ZPanel 10.0.1 XSS / CSRF / SQL Injection
2012-11-05 00:00:00
seebug
seebug
ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset
2014-07-01 00:00:00
exploitpack
exploitpack
zdt
zdt
ZPanel <= 10.0.1 CSRF/XSS/SQLi/Password Reset
2012-11-05 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
9.8
Confidence
High
EPSS
0.004
Percentile
73.4%
Related for CVE-2012-5685