Unrated severityNVD Advisory· Published Sep 26, 2012· Updated Apr 29, 2026

CVE-2012-5162

Description

Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php.

Affected products

Osclass/Osclass
cpe:2.3:a:osclass:osclass:*:*:*:*:*:*:*:*
Range: <=2.3.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osclass.org/2012/01/16/osclass-2-3-5/nvdVendor Advisory
secunia.com/advisories/47697nvdVendor Advisory
www.codseq.it/advisories/multiple_vulnerabilities_in_osclassnvd
exchange.xforce.ibmcloud.com/vulnerabilities/78964nvd
github.com/osclass/OSClass/commit/ff7ef8a97301aaaf6a97fe46c2c27981a86b4e2fnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000