Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:30
Updated: 2022-10-03T16:15:30
Reserved: 2022-10-03T00:00:00
Link: CVE-2012-5328
JSON object: View
NVD Information
Status : Modified
Published: 2012-10-08T20:55:01.823
Modified: 2023-11-07T02:12:31.253
Link: CVE-2012-5328
JSON object: View
Redhat Information
No data.
CWE