CVE-2012-1002

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0530%

EPSS Percentile17.60th

PublishedFeb 8, 2012

Last ModifiedApr 29, 2026

Vulnerability Description

SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.

Affected Platforms (CPE)

📦

Zakongroup

Openconf

= 4.00

📦

Zakongroup

Openconf

= 4.01

📦

Zakongroup

Openconf

= 4.02

📦

Zakongroup

Openconf

= 4.10

📦

Zakongroup

Openconf

= 4.11

References & Advisories

🔗 http://www.exploit-db.com/exploits/18820

🔗 http://www.openconf.com/news/#20120202

🔗 http://www.securityfocus.com/bid/51927

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/75399

🔗 http://www.exploit-db.com/exploits/18820

🔗 http://www.openconf.com/news/#20120202

🔗 http://www.securityfocus.com/bid/51927

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/75399

Vulnerability Description

Affected Platforms (CPE)

Openconf

Openconf

Openconf

Openconf

Openconf

References & Advisories

Related Vulnerabilities