How severe is CVE-2012-5685?

The severity of CVE-2012-5685 has not been assessed with CVSS v3.

CVE-2012-5685

Name: zpanel
Author: zpanelcp

NONE

SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmailAddress parameter in an UpdateClient action in the manage_clients modu

Опубликовано: 8/14/2014Обновлено: 4/12/2025

Описание

SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmailAddress parameter in an UpdateClient action in the manage_clients module to the default URI.

ИИ-АнализНа базе ИИ

Затронутые продукты

zpanelcpzpanel

Доступные эксплойты (1)

EDB-22490

webappsmultipleVERIFIED

ZPanel 10.0.1 - Cross-Site Request Forgery / Cross-Site Scripting / SQL Injection / Password Reset

CVE-2012-5686CVE-2012-5685CVE-2012-5684+1 more

pcsjj11/5/2012

Ссылки

http://osvdb.org/show/osvdb/87142
http://secunia.com/advisories/51172
http://www.exploit-db.com/exploits/22490
Exploit
http://osvdb.org/show/osvdb/87142
http://secunia.com/advisories/51172
http://www.exploit-db.com/exploits/22490
Exploit