SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-01-16 13:55
Updated : 2016-12-07 19:02
NVD link : CVE-2012-6625
Mitre link : CVE-2012-6625
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
vasthtml
- forumpress