{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-10-08T20:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://wordpress.org/extend/plugins/mingle-forum/changelog/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-5328", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://wordpress.org/extend/plugins/mingle-forum/changelog/", "refsource": "CONFIRM", "url": "http://wordpress.org/extend/plugins/mingle-forum/changelog/"}, {"name": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859@mingle-forum&old=487353@mingle-forum", "refsource": "CONFIRM", "url": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859@mingle-forum&old=487353@mingle-forum"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:05:46.952Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wordpress.org/extend/plugins/mingle-forum/changelog/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-5328", "datePublished": "2012-10-08T20:00:00Z", "dateReserved": "2012-10-08T00:00:00Z", "dateUpdated": "2024-09-16T17:54:27.305Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cartpauj:mingle-forum:*:*:*:*:*:*:*:*", "matchCriteriaId": "86442062-55D6-44A0-8ADC-415116F0519D", "versionEndIncluding": "1.0.32.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.00:*:*:*:*:*:*:*", "matchCriteriaId": "0575F80A-8CF3-4E21-8A00-8CF98B0A2ECA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "840FCA04-3334-4D4A-9F89-42DAEB6D6163", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "5FDBBB4B-1ED6-4F90-8FF6-2B4137FF7729", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "6CB7EBEF-CEED-4947-B751-B675733ABD89", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "AF012118-3D0B-44DA-93D2-8D3C3C39CF11", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.05:*:*:*:*:*:*:*", "matchCriteriaId": "B708A6F8-F41A-4DC9-B943-720A57C614F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.06:*:*:*:*:*:*:*", "matchCriteriaId": "C0978EC7-8F0E-47C1-88F9-3D695F4B9B87", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.07:*:*:*:*:*:*:*", "matchCriteriaId": "9F23F22C-FAC4-4933-AC93-B526B6E2CA03", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.08:*:*:*:*:*:*:*", "matchCriteriaId": "292551C2-6279-47F4-A878-3E83E71FFD1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.09:*:*:*:*:*:*:*", "matchCriteriaId": "95F56C25-68B4-46E9-8D91-9832759C6026", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "7BF3FA6A-5C03-4817-87FC-12603DF05332", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "EB033E81-9346-4160-B83B-E67D264DBEB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "99C8F213-BED5-438A-BDB4-3DA5F4B4D158", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "24EC039D-E4BD-4F85-82E2-E74F50C1E4C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "EFF7E37B-61C4-4354-9A7C-92C47F25A608", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "2D75DACF-1E07-4940-B4CD-D80845FE351C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "2ED47732-4DBD-4374-8C47-859455D4CEDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "FC4448FE-8B97-44A8-ADC4-9041751084AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "C95A3680-677E-4862-801D-AFA4391D8828", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "CA87C76B-898B-4978-BD3E-4FB04C18CBAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "6CFF9F60-0181-4ABA-B6F3-45E7460E4E05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "A5306D96-3FCA-467D-AE66-37BEFB44ACFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "D34BD47A-A20F-498E-856A-12BADA8A666D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "1E548339-70C7-4346-B23A-7D2C3ABC7486", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "936CA7DC-AB5C-4E6F-B50D-71E0408F06B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "59D2E42A-FDD0-4A30-A62D-E17AC027C768", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.23.2:*:*:*:*:*:*:*", "matchCriteriaId": "3071F8CA-748D-44A7-AAE9-FC5F2E50ED15", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "CF92294F-9ABE-4038-B3DA-C16C0515666D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "500BE334-4811-440D-BF65-0D1DC3328FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "5C16C002-2F14-4926-9CF2-50745EA0F62B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "5AF093A7-6343-4EBE-9A06-AE670F4D9119", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "7E93A0CE-2B4B-498F-95E4-C33D1850C876", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "181E1DF5-CB65-4219-96AF-82C270B7EAA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.28.2:*:*:*:*:*:*:*", "matchCriteriaId": "A033047B-8178-4BCC-AAC1-944EC0FE0143", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "626382E0-7A71-4191-A92C-058E36850D66", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "6381407B-C185-4A08-94A4-7325B693DFA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "1818BA74-491B-4C7C-AAFF-9CB7E7CBCEAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.31.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F731579-C039-4631-A159-3F03C15CE9BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.31.2:*:*:*:*:*:*:*", "matchCriteriaId": "4393F949-DB12-4AC2-9DF5-FCBDCE366261", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.31.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE317122-A3D1-4FD2-9712-8458A009F9E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.31.4:*:*:*:*:*:*:*", "matchCriteriaId": "94A469D5-9AC7-4D47-8FCC-905D45CE096F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cartpauj:mingle-forum:1.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "3F976A13-60CA-47C1-8A56-40FC20F120B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*", "matchCriteriaId": "A77EB0E7-7FA7-4232-97DF-7C7587D163F1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to fs-admin/fs-admin.php, or (4) edit_forum_id parameter in an edit_save_forum action to fs-admin/wpf-edit-forum-group.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en el complemento Mingle Forum v1.0.32.1 y otras versiones antes de v1.0.33 para WordPress podr\u00eda permitir a usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s de los par\u00e1metros (1) memberid o (2) groupid en una acci\u00f3n removemember o el par\u00e1metro (3) id a fs-admin/fs-admin.php, o el par\u00e1metro (4) edit_forum_id parameter en una acci\u00f3n edit_save_forum a fs-admin/wpf-edit-forum-group.php."}], "id": "CVE-2012-5328", "lastModified": "2024-11-21T01:44:30.870", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-08T20:55:01.823", "references": [{"source": "cve@mitre.org", "url": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum"}, {"source": "cve@mitre.org", "url": "http://wordpress.org/extend/plugins/mingle-forum/changelog/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://plugins.trac.wordpress.org/changeset?reponame=&new=492859%40mingle-forum&old=487353%40mingle-forum"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wordpress.org/extend/plugins/mingle-forum/changelog/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}