VYPR
Unrated severityNVD Advisory· Published Apr 4, 2014· Updated Jun 16, 2026

CVE-2012-5648

CVE-2012-5648

Description

Multiple SQL injection vulnerabilities in Foreman before 1.0.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) app/models/hostext/search.rb or (2) app/models/puppetclass.rb, related to the search mechanism.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*range: <=1.0
    • cpe:2.3:a:theforeman:foreman:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:theforeman:foreman:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:theforeman:foreman:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:theforeman:foreman:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:theforeman:foreman:0.4.1:*:*:*:*:*:*:*
    • (no CPE)range: <1.0.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.