Strix
26.1K

CVE-2012-6065

UnknownEPSS 1.05%

Last modified

CVE-2012-6065 is a vulnerability of currently unknown severity. The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.. EPSS estimates a 1.05% chance of exploitation in the next 30 days.

Description

The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.

Metrics

EPSS Probability
1.05%

59.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
Daniel HonradeOm Maximenu<= 6.x-1.43
Daniel HonradeOm Maximenu6.x-1.0
Daniel HonradeOm Maximenu6.x-1.1
Daniel HonradeOm Maximenu6.x-1.2
Daniel HonradeOm Maximenu6.x-1.3
Daniel HonradeOm Maximenu6.x-1.4
Daniel HonradeOm Maximenu6.x-1.5
Daniel HonradeOm Maximenu6.x-1.6
Daniel HonradeOm Maximenu6.x-1.7
Daniel HonradeOm Maximenu6.x-1.8
Daniel HonradeOm Maximenu6.x-1.9
Daniel HonradeOm Maximenu6.x-1.10
Daniel HonradeOm Maximenu6.x-1.11
Daniel HonradeOm Maximenu6.x-1.12
Daniel HonradeOm Maximenu6.x-1.13
Daniel HonradeOm Maximenu6.x-1.14
Daniel HonradeOm Maximenu6.x-1.15
Daniel HonradeOm Maximenu6.x-1.16
Daniel HonradeOm Maximenu6.x-1.17
Daniel HonradeOm Maximenu6.x-1.18
Daniel HonradeOm Maximenu6.x-1.19
Daniel HonradeOm Maximenu6.x-1.20
Daniel HonradeOm Maximenu6.x-1.21
Daniel HonradeOm Maximenu6.x-1.22
Daniel HonradeOm Maximenu6.x-1.23
Daniel HonradeOm Maximenu6.x-1.24
Daniel HonradeOm Maximenu6.x-1.25
Daniel HonradeOm Maximenu6.x-1.26
Daniel HonradeOm Maximenu6.x-1.27
Daniel HonradeOm Maximenu6.x-1.28
Daniel HonradeOm Maximenu6.x-1.29
Daniel HonradeOm Maximenu6.x-1.30
Daniel HonradeOm Maximenu6.x-1.31
Daniel HonradeOm Maximenu6.x-1.32
Daniel HonradeOm Maximenu6.x-1.33
Daniel HonradeOm Maximenu6.x-1.34
Daniel HonradeOm Maximenu6.x-1.35
Daniel HonradeOm Maximenu6.x-1.36
Daniel HonradeOm Maximenu6.x-1.37
Daniel HonradeOm Maximenu6.x-1.38
Daniel HonradeOm Maximenu6.x-1.39
Daniel HonradeOm Maximenu6.x-1.40
Daniel HonradeOm Maximenu6.x-1.41
Daniel HonradeOm Maximenu6.x-1.42
Daniel HonradeOm Maximenu6.x-1.xDev

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-6065?
The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.
How severe is CVE-2012-6065?
Severity scoring for CVE-2012-6065 is pending analysis. The EPSS model estimates a 1.05% probability of exploitation in the next 30 days.
How do I fix CVE-2012-6065?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-6065?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST