CVE-2012-1625 in fillpdfinfo

Summary

Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with administer PDFs privileges to execute arbitrary PHP code via unspecified vectors. NOTE: Some of these details are obtained from third party information.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/12/2012

Disclosure

09/19/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

6.3

EPSS

0.00568

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1625
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1625
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1625/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!