Security Advisory

CVE-2012-3468

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-12 21:00:00

Last updated 2024-09-17 01:12:00

Assigner redhat

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/controllers/alerts.php, (2) the save_all function in application/models/settings.php, or (3) the media type to the timeline function in application/controllers/json.php.

← Browse all CVEs View on cve.org ↗