Unrated severityNVD Advisory· Published Nov 15, 2012· Updated Jun 16, 2026
CVE-2012-4951
CVE-2012-4951
Description
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:verifone:vericentre_web_console:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:verifone:vericentre_web_console:*:*:*:*:*:*:*:*range: <=2.2
- cpe:2.3:a:verifone:vericentre_web_console:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:verifone:vericentre_web_console:2.0.1:*:*:*:*:*:*:*
- (no CPE)range: <2.2 build 36
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.