Vulnerabilities > CVE-2012-6065 - Arbitrary PHP Code Execution vulnerability in Drupal OM Maximenu Module

CVSS 4.6 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

daniel-honrade

drupal

NVD

Published: 2012-12-03

Updated: 2012-12-04

Summary

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.

Vulnerable Configurations

Part	Description	Count
Application	Daniel_Honrade Daniel Honrade OM Maximenu 6.X-1.0 Daniel Honrade OM Maximenu 6.X-1.1 Daniel Honrade OM Maximenu 6.X-1.2 Daniel Honrade OM Maximenu 6.X-1.3 Daniel Honrade OM Maximenu 6.X-1.4 Daniel Honrade OM Maximenu 6.X-1.5 Daniel Honrade OM Maximenu 6.X-1.6 Daniel Honrade OM Maximenu 6.X-1.7 Daniel Honrade OM Maximenu 6.X-1.8 Daniel Honrade OM Maximenu 6.X-1.9 Daniel Honrade OM Maximenu 6.X-1.10 Daniel Honrade OM Maximenu 6.X-1.11 Daniel Honrade OM Maximenu 6.X-1.12 Daniel Honrade OM Maximenu 6.X-1.13 Daniel Honrade OM Maximenu 6.X-1.14 Daniel Honrade OM Maximenu 6.X-1.15 Daniel Honrade OM Maximenu 6.X-1.16 Daniel Honrade OM Maximenu 6.X-1.17 Daniel Honrade OM Maximenu 6.X-1.18 Daniel Honrade OM Maximenu 6.X-1.19 Daniel Honrade OM Maximenu 6.X-1.20 Daniel Honrade OM Maximenu 6.X-1.21 Daniel Honrade OM Maximenu 6.X-1.22 Daniel Honrade OM Maximenu 6.X-1.23 Daniel Honrade OM Maximenu 6.X-1.24 Daniel Honrade OM Maximenu 6.X-1.25 Daniel Honrade OM Maximenu 6.X-1.26 Daniel Honrade OM Maximenu 6.X-1.27 Daniel Honrade OM Maximenu 6.X-1.28 Daniel Honrade OM Maximenu 6.X-1.29 Daniel Honrade OM Maximenu 6.X-1.30 Daniel Honrade OM Maximenu 6.X-1.31 Daniel Honrade OM Maximenu 6.X-1.32 Daniel Honrade OM Maximenu 6.X-1.33 Daniel Honrade OM Maximenu 6.X-1.34 Daniel Honrade OM Maximenu 6.X-1.35 Daniel Honrade OM Maximenu 6.X-1.36 Daniel Honrade OM Maximenu 6.X-1.37 Daniel Honrade OM Maximenu 6.X-1.38 Daniel Honrade OM Maximenu 6.X-1.39 Daniel Honrade OM Maximenu 6.X-1.40 Daniel Honrade OM Maximenu 6.X-1.41 Daniel Honrade OM Maximenu 6.X-1.42 Daniel Honrade OM Maximenu * Daniel Honrade OM Maximenu 6.X-1.X	52
Application	Drupal Drupal Drupal -	1

Summary

Vulnerable Configurations

References