CVE-2012-3000
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-3000
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
F5 BIG-IP SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
F5 BIG-IP LTM等都是美国F5公司的产品。LTM是一款本地流量管理器;GTM是一款广域流量管理器;WebAccelerator是一款应用加速器。 多款F5 BIG-IP产品中存在SQL注入漏洞,该漏洞源于sam/admin/reports/php/saveSettings.php脚本没有充分过滤‘defaultQuery’参数。远程攻击者可利用该漏洞执行任意SQL命令。以下产品受到影响:F5 BIG-IP LTM,GTM,ASM,Link Controller,PSM,APM,Edge Gate
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-3000
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-3000
Please Login to view more intelligence information
- Vulnerability Lab - SEC Consultx_refsource_MISC
- SQL injection vulnerability from an authenticated source CVE-2012-3000x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2012-3000
Same Patch Batch · n/a · 2014-01-30 · 17 CVEs total
| CVE-2014-1610 | MediaWiki 输入验证漏洞 | |
| CVE-2013-7303 | SPIP 跨站脚本漏洞 | |
| CVE-2014-1837 | Joomla! StackIdeas Komento组件跨站脚本漏洞 | |
| CVE-2013-7246 | Daum Communications DaumGame ActiveX插件缓冲区溢出漏洞 | |
| CVE-2014-0793 | Joomla! StackIdeas Komento组件跨站脚本漏洞 | |
| CVE-2014-1611 | Drupal Anonymous Posting模块跨站脚本漏洞 | |
| CVE-2014-1612 | Media5 Mediatrix 4402 VoIP Gateway 跨站脚本漏洞 | |
| CVE-2013-0177 | Apache OFBiz 多个跨站脚本漏洞 | |
| CVE-2013-1376 | Adobe Reader和Acrobat 缓冲区溢出漏洞 | |
| CVE-2013-3084 | Belkin F5D8236-4 Router 未明跨站脚本漏洞 | |
| CVE-2013-3087 | Belkin N900 Router 未明跨站脚本漏洞 | |
| CVE-2013-3090 | Belkin N300 Router 未明跨站脚本漏洞 | |
| CVE-2014-0835 | IBM Security QRadar SIEM 跨站请求伪造漏洞 | |
| CVE-2014-0836 | IBM Security QRadar SIEM 跨站脚本漏洞 | |
| CVE-2014-0837 | IBM Security QRadar SIEM 加密问题漏洞 | |
| CVE-2014-0838 | IBM Security QRadar SIEM 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2012-3000
No comments yet