Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5347

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-5347
Last Modified 10 Oct 2012 09:51:06
Published 09 Oct 2012 11:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5347

Summary

TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to (1) inc/filefunctions.inc or (2) info.php.

Vulnerable Systems

Application

  • Tinywebgallery 1.8.3


References

XF - tinywebgallery-multiple-command-execution(72157)

BID - 51325

OSVDB - 82481

EXPLOIT-DB - 18322


Last Updated: 27 May 2016 11:00:56