Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5328

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2012-5328
Last Modified 31 Jan 2013 12:00:00
Published 08 Oct 2012 04:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-5328

Summary

Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php.

Vulnerable Systems

Application

  • Cartpauj Mingle-forum 1.0.00

  • Cartpauj Mingle-forum 1.0.01

  • Cartpauj Mingle-forum 1.0.02

  • Cartpauj Mingle-forum 1.0.03

  • Cartpauj Mingle-forum 1.0.04

  • Cartpauj Mingle-forum 1.0.05

  • Cartpauj Mingle-forum 1.0.06

  • Cartpauj Mingle-forum 1.0.07

  • Cartpauj Mingle-forum 1.0.08

  • Cartpauj Mingle-forum 1.0.09

  • Cartpauj Mingle-forum 1.0.10

  • Cartpauj Mingle-forum 1.0.11

  • Cartpauj Mingle-forum 1.0.12

  • Cartpauj Mingle-forum 1.0.13

  • Cartpauj Mingle-forum 1.0.14

  • Cartpauj Mingle-forum 1.0.15

  • Cartpauj Mingle-forum 1.0.16

  • Cartpauj Mingle-forum 1.0.17

  • Cartpauj Mingle-forum 1.0.18

  • Cartpauj Mingle-forum 1.0.19

  • Cartpauj Mingle-forum 1.0.20

  • Cartpauj Mingle-forum 1.0.21

  • Cartpauj Mingle-forum 1.0.21.1

  • Cartpauj Mingle-forum 1.0.22

  • Cartpauj Mingle-forum 1.0.23

  • Cartpauj Mingle-forum 1.0.23.1

  • Cartpauj Mingle-forum 1.0.23.2

  • Cartpauj Mingle-forum 1.0.24

  • Cartpauj Mingle-forum 1.0.25

  • Cartpauj Mingle-forum 1.0.26

  • Cartpauj Mingle-forum 1.0.27

  • Cartpauj Mingle-forum 1.0.28

  • Cartpauj Mingle-forum 1.0.28.1

  • Cartpauj Mingle-forum 1.0.28.2

  • Cartpauj Mingle-forum 1.0.29

  • Cartpauj Mingle-forum 1.0.30

  • Cartpauj Mingle-forum 1.0.31

  • Cartpauj Mingle-forum 1.0.31.1

  • Cartpauj Mingle-forum 1.0.31.2

  • Cartpauj Mingle-forum 1.0.31.3

  • Cartpauj Mingle-forum 1.0.31.4

  • Cartpauj Mingle-forum 1.0.32

  • Cartpauj Mingle-forum 1.0.32.1


References

CONFIRM - http://wordpress.org/extend/plugins/mingle-forum/changelog/

CONFIRM - http://plugins.trac.wordpress.org/changeset?reponame=&new=492859@mingle-forum&old=487353@mingle-forum


Last Updated: 27 May 2016 11:00:56