CVE-2012-2057
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-2057
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk Stock Updater module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors related to formAPI.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Drupal Ubercart Bulk Stock Updater模块跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal中的Ubercart Bulk Stock Updater模块中存在跨站请求伪造(CSRF)漏洞。远程攻击者可利用该漏洞通过与formAPI相关的未知向量,劫持不知情受害者的身份验证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-2057
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-2057
Please Login to view more intelligence information
Same Patch Batch · n/a · 2012-09-17 · 21 CVEs total
| CVE-2010-5078 | SilverStripe 权限许可和访问控制漏洞 | |
| CVE-2012-2996 | Trend Micro InterScan Messaging Security Suite 跨站请求伪造漏洞 | |
| CVE-2012-2995 | Trend Micro InterScan Messaging Security Suite 多个跨站脚本漏洞 | |
| CVE-2012-2575 | NetWin SurgeMail ‘Body’字段跨站脚本漏洞 | |
| CVE-2012-4968 | SilverStripe 多个跨站脚本漏洞 | |
| CVE-2011-4962 | SilverStripe 输入验证漏洞 | |
| CVE-2011-4961 | SilverStripe 权限许可和访问控制漏洞 | |
| CVE-2011-4960 | SilverStripe ‘Folder::findOrMake’方法SQL注入漏洞 | |
| CVE-2011-4959 | SilverStripe ‘addslashes’方法SQL注入漏洞 | |
| CVE-2010-5079 | SilverStripe 加密问题漏洞 | |
| CVE-2012-1899 | Webfolio CMS多个跨站脚本漏洞 | |
| CVE-2010-4824 | SilverStripe ‘augmentSQL’方法SQL注入漏洞 | |
| CVE-2010-4823 | SilverStripe ‘httpError’方法跨站脚本漏洞 | |
| CVE-2010-4822 | SilverStripe ‘core/model/MySQLDatabase.php’信息泄露漏洞 | |
| CVE-2012-2062 | Drupal Redirecting click bouncer模块开放重定向漏洞 | |
| CVE-2012-2061 | Drupal 管理工具模块跨站请求伪造漏洞 | |
| CVE-2012-2060 | Drupal 管理工具模块跨站脚本漏洞 | |
| CVE-2012-2059 | Drupal ticketyboo News Ticker模块跨站脚本漏洞 | |
| CVE-2012-2058 | Drupal Ubercart Payflow模块权限许可和访问控制漏洞 | |
| CVE-2012-2056 | Drupal Content Lock模块跨站请求伪造漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2012-2057
No comments yet