← Back

CVE-2012-1625

nvd nist
Published: Sep 20, 2012Modified: Apr 29, 2026

JSON object

Loading...
6.0
Vector
AV:N/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 6.8 / Impact: 6.4
Source: NVD

Description

Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with administer PDFs privileges to execute arbitrary PHP code via unspecified vectors. NOTE: Some of these details are obtained from third party information.

Affected (23)

Wizonesolutions
1 product
Fillpdf
Configuration A
23 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wizonesolutions
Fillpdf
Version 6.x-1.0
Fillpdf
Version 6.x-1.10
Fillpdf
Version 6.x-1.11
Fillpdf
Version 6.x-1.12
Fillpdf
Version 6.x-1.13
Fillpdf
Version 6.x-1.14
Fillpdf
Version 6.x-1.15
Fillpdf
Version 6.x-1.1
Fillpdf
Version 6.x-1.2
Fillpdf
Version 6.x-1.3
Fillpdf
Version 6.x-1.4
Fillpdf
Version 6.x-1.5
Fillpdf
Version 6.x-1.6
Fillpdf
Version 6.x-1.7
Fillpdf
Version 6.x-1.8
Fillpdf
Version 6.x-1.9
Fillpdf
Version 6.x-1.x dev
Fillpdf
Version 7.x-1.0
Fillpdf
Version 7.x-1.0 beta1
Fillpdf
Version 7.x-1.0 beta2
Fillpdf
Version 7.x-1.1
Fillpdf
Version 7.x-1.
Fillpdf
Version 7.x-1.x dev
Running on/withPlatform Versions
Drupal
Drupal
All versions

Related CWEs

CWE-94
Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (10)

Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.