Summary
vBSEO is prone to a remote code-execution vulnerability.
Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application.
vBSEO 3.5.0, 3.5.1, 3.5.2, and 3.6.0.are vulnerable other versions
may also be affected.
Solution
Updates are available. Please see the references for more details.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2012-5223 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Arkeia Appliance Multiple Vulnerabilities
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- 'research_display.php' SQL Injection Vulnerability
- b2ePMS Multiple SQL Injection Vulnerabilities
- AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities