Unrated severityNVD Advisory· Published Oct 20, 2014· Updated May 6, 2026

CVE-2012-5244

Description

Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to functions/print.php; or (7) the name parameter to functions/ajax.php.

Affected products

Bananadance/Banana Dance
cpe:2.3:a:bananadance:banana_dance:*:*:*:*:*:*:*:*
Range: <=b.2.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/23573/nvdExploit
www.htbridge.com/advisory/HTB23118nvdExploit
osvdb.org/88535nvd
osvdb.org/88536nvd
osvdb.org/88537nvd
osvdb.org/88538nvd
exchange.xforce.ibmcloud.com/vulnerabilities/80746nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000