CVE-2012-5537 in Simplenews Schedulerinformazioni

Riassunto

di MITRE

The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling form, which is later executed by cron.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

24/10/2012

Divulgazione

03/12/2012

Moderazione

accettato

Voce

VDB-63117

CPE

pronto

CWE

CWE-94 (confermato)

CVSS

6.3 (VulDB)

EPSS

0.01055

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5537
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5537
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5537/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!