CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3474

The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.3%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2012-3474

Ushahidi » Ushahidi Platform » Version: 1.0

cpe:2.3:a:ushahidi:ushahidi_platform:1.0
Ushahidi » Ushahidi Platform » Version: 1.2

cpe:2.3:a:ushahidi:ushahidi_platform:1.2
Ushahidi » Ushahidi Platform » Version: 2.0

cpe:2.3:a:ushahidi:ushahidi_platform:2.0
Ushahidi » Ushahidi Platform » Version: 2.1

cpe:2.3:a:ushahidi:ushahidi_platform:2.1
Ushahidi » Ushahidi Platform » Version: 2.2

cpe:2.3:a:ushahidi:ushahidi_platform:2.2
Ushahidi » Ushahidi Platform » Version: 2.2.1

cpe:2.3:a:ushahidi:ushahidi_platform:2.2.1
Ushahidi » Ushahidi Platform » Version: 2.3.1

cpe:2.3:a:ushahidi:ushahidi_platform:2.3.1
Ushahidi » Ushahidi Platform » Version: 2.3.2

cpe:2.3:a:ushahidi:ushahidi_platform:2.3.2
Ushahidi » Ushahidi Platform » Version: 2.4

cpe:2.3:a:ushahidi:ushahidi_platform:2.4
Ushahidi » Ushahidi Platform » Version: 2.4.1

cpe:2.3:a:ushahidi:ushahidi_platform:2.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3474

Products

Pricing

Contact Us