CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Coleman Watts: >> Webform Civicrm Security Vulnerabilities

CVE-2012-5554

The default configuration for the Webform CiviCRM Integration module 7.x-3.x before 7.x-3.2 has "Enforce Permissions" disabled, which allows remote attackers to obtain contact information by reading webforms.

CVSS Score

5.0

EPSS Score

0.002

Published

2012-12-03

Page 1

Vulnerabilities

Vulnerable Software

Coleman Watts: >> Webform Civicrm Security Vulnerabilities

Products

Pricing

Contact Us